| montyburns | 14.07.2012 18:02 |
Hi und danke,
unten nun das Log von OTL.
Viele Grüße
OTL Logfile:
OTL EXTRAS Logfile: Code:
OTL logfile created on: 14.07.2012 17:57:04 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Max Mustermann\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 51,17% Memory free
6,21 Gb Paging File | 4,72 Gb Available in Paging File | 75,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,56 Gb Total Space | 128,70 Gb Free Space | 46,20% Space Free | Partition Type: NTFS
Drive D: | 19,52 Gb Total Space | 9,69 Gb Free Space | 49,66% Space Free | Partition Type: FAT32
Computer Name: MaxMustermann-PC | User Name: Max Mustermann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.14 17:54:26 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Max Mustermann\Downloads\OTL.exe
PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Max Mustermann\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.05.12 09:47:32 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.12 09:47:31 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.12 09:47:31 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.12 09:47:31 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.12 09:47:30 | 000,613,328 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\update.exe
PRC - [2012.05.12 09:47:30 | 000,047,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\updrgui.exe
PRC - [2012.02.23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.12.31 12:57:56 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2009.06.22 15:21:58 | 000,304,592 | ---- | M] () -- C:\Program Files\XSManager\WTGService.exe
PRC - [2009.06.17 12:28:46 | 000,157,968 | R--- | M] (4G Systems GmbH & Co. KG) -- C:\Windows\starter4g.exe
PRC - [2009.06.17 12:28:08 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) -- C:\Windows\service4g.exe
PRC - [2009.04.30 12:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.08.06 17:18:52 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.03.28 17:49:36 | 000,368,640 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\MFServices.exe
PRC - [2008.03.20 20:23:22 | 000,083,240 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\HomeCinema\PowerDVD8\PDVD8Serv.exe
PRC - [2008.01.21 04:24:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.21 04:23:52 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.08.12 22:49:50 | 000,073,728 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\MFPrintServer.exe
PRC - [2007.06.11 06:30:58 | 000,012,288 | ---- | M] () -- C:\Windows\System32\MF2GDIPO.EXE
PRC - [2007.06.05 13:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2005.10.10 13:16:48 | 000,057,344 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE3.0\opwareSE3.exe
========== Modules (No Company Name) ==========
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.03.28 17:49:36 | 000,368,640 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\MFServices.exe
MOD - [2008.03.24 14:02:44 | 000,720,896 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\Utility32U.dll
MOD - [2007.08.12 23:00:20 | 000,032,768 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\MFServiceTR29U.dll
MOD - [2007.08.12 23:00:16 | 000,356,352 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\TiffU.dll
MOD - [2007.08.12 22:59:44 | 000,135,168 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\GraphicsU.dll
MOD - [2007.08.12 22:59:36 | 000,245,760 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\ProtocolU.dll
MOD - [2007.08.12 22:58:20 | 000,086,016 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\SuStringU.dll
MOD - [2007.08.12 22:58:18 | 000,245,760 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\AdvancedU.dll
MOD - [2007.08.12 22:49:50 | 000,073,728 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\MFPrintServer.exe
MOD - [2007.08.12 22:46:44 | 000,212,992 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\SMSU.dll
MOD - [2007.08.12 22:45:50 | 000,028,672 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\MFServiceFOLDERu.dll
MOD - [2007.08.12 22:45:40 | 000,315,392 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\FAXU.dll
MOD - [2007.08.12 22:41:26 | 000,032,768 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\PrintFaxU.dll
MOD - [2007.08.12 22:41:20 | 000,049,152 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\Pdg32U.dll
MOD - [2007.08.12 22:41:14 | 000,053,248 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\DigitalizerU.dll
MOD - [2007.08.12 22:40:18 | 000,024,576 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\MFServiceTSU.dll
MOD - [2007.08.12 22:40:16 | 000,036,864 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\MFServiceMONU.dll
MOD - [2007.08.12 22:40:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\MFServiceHTTPU.dll
MOD - [2007.08.12 22:40:06 | 000,061,440 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\MFServiceAPIU.dll
MOD - [2007.08.12 22:39:50 | 000,503,808 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\PlugInU.dll
MOD - [2007.08.12 22:39:20 | 000,139,264 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\DeviceU.dll
MOD - [2007.08.12 22:39:12 | 000,143,360 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\HAL\XMLDIUSBU.dll
MOD - [2007.08.12 22:39:04 | 000,172,032 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\HAL\XMLDILANU.dll
MOD - [2007.08.12 22:38:58 | 000,028,672 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\HTTPClientU.dll
MOD - [2007.08.12 22:38:52 | 000,053,248 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\SMTPServerU.dll
MOD - [2007.08.12 22:38:48 | 000,053,248 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\SMTPClientU.dll
MOD - [2007.08.12 22:38:44 | 000,065,536 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\MFMimeParserU.dll
MOD - [2007.08.12 22:38:30 | 000,368,640 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\AddressBookU.dll
MOD - [2007.08.12 22:38:02 | 000,131,072 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\ComponentsU.dll
MOD - [2007.08.12 22:37:46 | 000,417,792 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\ControlsU.dll
MOD - [2007.08.12 22:37:22 | 000,118,784 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\RouterU.dll
MOD - [2007.04.18 01:22:04 | 000,069,632 | ---- | M] () -- C:\Program Files\Companion Suite Pro LM2\QTrace.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\System Control Manager\edd.exe -- (NishService)
SRV - [2012.07.12 16:23:32 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.01 20:30:43 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.12 09:47:32 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.12 09:47:31 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.12.31 12:57:56 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2010.09.01 16:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2009.11.04 23:39:49 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.06.22 15:21:58 | 000,304,592 | ---- | M] () [Auto | Running] -- C:\Program Files\XSManager\WTGService.exe -- (WTGService)
SRV - [2009.06.17 12:28:08 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) [Auto | Running] -- C:\Windows\service4g.exe -- (XS Stick Service)
SRV - [2009.04.30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.06.05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\MGHwCtrl.sys -- (MGHwCtrl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.05.12 09:47:32 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.12 09:47:32 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.19 17:56:15 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.12.31 12:48:26 | 000,234,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010.12.30 13:19:46 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.12.30 13:19:46 | 000,051,456 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV - [2010.12.30 13:19:46 | 000,026,496 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2010.12.30 13:19:44 | 000,085,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2010.12.30 13:19:38 | 000,191,872 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010.12.30 13:19:32 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010.06.17 16:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.08.26 19:28:34 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009.08.26 19:28:34 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009.03.25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009.03.25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009.03.25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009.03.25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009.03.25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009.03.25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009.03.25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008.10.31 16:19:38 | 000,103,424 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV - [2008.10.21 10:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008.10.21 10:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV - [2008.10.21 10:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV - [2008.10.21 10:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008.10.21 10:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV - [2008.10.21 10:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV - [2008.10.21 10:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008.09.09 11:58:32 | 000,099,216 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.08.06 16:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.02.01 07:56:48 | 000,160,816 | ---- | M] (Auerswald GmbH & Co.KG ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\auusb.sys -- (auusb)
DRV - [2008.01.09 13:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2007.08.11 22:55:10 | 000,061,820 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\MF2NT.sys -- (mf2nt)
DRV - [2007.03.20 10:45:08 | 000,010,368 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MF2ACT.sys -- (MF2ACT)
DRV - [2007.01.08 23:18:28 | 000,031,879 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\XMLDIUSB.sys -- (XMLDIUSB)
DRV - [2006.11.22 09:52:08 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.sys -- (SSPORT)
DRV - [2004.08.11 15:39:38 | 000,041,984 | R--- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DgivEcp.sys -- (DgiVecp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes,DefaultScope /d {67A2568C-7A0A-4EED-AECC-B5405DE63B64} /f >Nul 2>Nul =
IE - HKLM\..\SearchScopes\{7EBD9636-F36B-41BC-A060-D4D0646BCEED}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000\..\SearchScopes,DefaultScope /d {67A2568C-7A0A-4EED-AECC-B5405DE63B64} /f >Nul 2>Nul =
IE - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000\..\SearchScopes\{2DCD9DE6-1927-470C-84D5-5E6A1170B84C}: "URL" = hxxp://isearch.avg.com/search?cid={D05D0837-2D29-4360-87B0-217D7EF21302}&mid=f139b939c46647d18d88d168c33b730c-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=tg025&pr=sa&d=2011-08-29 18:26:45&v=8.0.0.33&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://startsear.ch/?aff=1&q={searchTerms}
IE - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000\..\SearchScopes\{7EBD9636-F36B-41BC-A060-D4D0646BCEED}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de/news"
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0
FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {9d81af43-de53-48d0-a199-42c2a226b24c}:3.3.3.2
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.17 17:48:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.01 20:30:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.12 23:09:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.02.06 23:21:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.01 20:30:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.12 23:09:51 | 000,000,000 | ---D | M]
[2010.01.21 19:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max Mustermann\AppData\Roaming\mozilla\Extensions
[2010.01.21 19:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max Mustermann\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.07.04 22:29:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max Mustermann\AppData\Roaming\mozilla\Firefox\Profiles\6bxs5b0k.default\extensions
[2012.07.04 22:29:09 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Max Mustermann\AppData\Roaming\mozilla\Firefox\Profiles\6bxs5b0k.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2012.05.30 20:56:52 | 000,000,000 | ---D | M] (ST Deutsch FF Community Toolbar) -- C:\Users\Max Mustermann\AppData\Roaming\mozilla\Firefox\Profiles\6bxs5b0k.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
[2010.04.20 21:02:37 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Max Mustermann\AppData\Roaming\mozilla\Firefox\Profiles\6bxs5b0k.default\extensions\firefox@tvunetworks.com
[2011.06.30 21:17:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max Mustermann\AppData\Roaming\mozilla\Firefox\Profiles\6bxs5b0k.default\extensions\nostmp
[2010.09.21 20:52:10 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Max Mustermann\AppData\Roaming\mozilla\Firefox\Profiles\6bxs5b0k.default\extensions\vshare@toolbar
[2011.12.17 17:44:37 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\Max Mustermann\AppData\Roaming\mozilla\Firefox\Profiles\6bxs5b0k.default\extensions\welcome@toolmin.com
[2011.12.11 17:17:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.07.30 13:33:13 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.12.17 17:48:31 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.05.18 18:59:09 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\Max Mustermann\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6BXS5B0K.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2012.04.19 13:40:22 | 000,159,573 | ---- | M] () (No name found) -- C:\USERS\Max Mustermann\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6BXS5B0K.DEFAULT\EXTENSIONS\RAISMTH@MITM.RC.XPI
[2012.07.01 20:30:44 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.07.01 20:30:39 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.01 20:30:39 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.01 20:30:39 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.01 20:30:39 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.17 17:44:37 | 000,000,158 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search the web.src
[2012.07.01 20:30:39 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.01 20:30:39 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: YouTube = C:\Users\Max Mustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\Max Mustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\Max Mustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Max Mustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Max Mustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [MFPrintServer_Pro_LM] C:\Program Files\Companion Suite Pro LM2\MFPrintServer.exe ()
O4 - HKLM..\Run: [MFServices_Pro_LM] C:\Program Files\Companion Suite Pro LM2\MFServices.exe ()
O4 - HKLM..\Run: [OpwareSE3] C:\Program Files\ScanSoft\OmniPageSE3.0\OpwareSE3.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\HomeCinema\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000..\Run: [Exezyskana] C:\Users\Max Mustermann\AppData\Roaming\Ereta\ifmuu.exe ()
O4 - HKU\S-1-5-21-1911406567-2329552222-4229325174-1000..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - Startup: C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Max Mustermann\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A9D9770-C9DF-4C3F-8669-70E2C8C4A68C}: DhcpNameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F22CC12-DD96-46EA-BECD-ED5CF7706407}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B47870DF-FD61-4EFE-B244-F4ADDAE6A5C6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DCBDB893-30F7-4257-97D9-A4522FF7EB32}: DhcpNameServer = 212.166.132.109 212.73.32.67
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.21 11:50:32 | 000,000,672 | RH-- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{37dafd11-67ee-11df-aa17-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{37dafd11-67ee-11df-aa17-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{37dafd3d-67ee-11df-aa17-00224315d19b}\Shell - "" = AutoRun
O33 - MountPoints2\{37dafd3d-67ee-11df-aa17-00224315d19b}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{3cbbd917-b2f8-11e0-946f-002185df9aff}\Shell - "" = AutoRun
O33 - MountPoints2\{3cbbd917-b2f8-11e0-946f-002185df9aff}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4ccd9742-ff97-11de-a160-002185df9aff}\Shell - "" = AutoRun
O33 - MountPoints2\{4ccd9742-ff97-11de-a160-002185df9aff}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{94f43cc8-b2f6-11e0-828d-00224315d19b}\Shell - "" = AutoRun
O33 - MountPoints2\{94f43cc8-b2f6-11e0-828d-00224315d19b}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{cf29e988-cf04-11e0-ba19-002185df9aff}\Shell - "" = AutoRun
O33 - MountPoints2\{cf29e988-cf04-11e0-ba19-002185df9aff}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d6e0570f-3beb-11df-8aa7-002185df9aff}\Shell - "" = AutoRun
O33 - MountPoints2\{d6e0570f-3beb-11df-8aa7-002185df9aff}\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EB334411-C9DB-14BC-63A6-11D01DD460F4} - Adobe Shockwave Director 11.0
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.07.12 23:39:24 | 000,000,000 | ---D | C] -- C:\Users\Max Mustermann\AppData\Roaming\Ahabg
[2012.07.12 23:39:23 | 000,000,000 | ---D | C] -- C:\Users\Max Mustermann\AppData\Roaming\Orabli
[2012.07.12 23:39:23 | 000,000,000 | ---D | C] -- C:\Users\Max Mustermann\AppData\Roaming\Ereta
[2012.07.04 22:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.06.27 18:24:28 | 000,000,000 | ---D | C] -- C:\ProgramData\fcrjnefwpxjskbb
[2012.06.24 08:36:25 | 000,000,000 | ---D | C] -- C:\Users\Max Mustermann\AppData\Local\Macromedia
[2010.12.27 18:59:33 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe1E1C.dll
[2009.11.26 19:10:53 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe25E7.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.14 18:05:00 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
[2012.07.14 17:56:59 | 000,618,430 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.14 17:56:59 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.14 17:56:59 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.14 17:56:59 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.14 17:54:51 | 000,000,897 | ---- | M] () -- C:\Users\Max Mustermann\Desktop\OTL - Verknüpfung.lnk
[2012.07.14 17:51:52 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.14 17:50:31 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.14 17:50:11 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.14 17:50:11 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.14 17:50:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.14 17:49:58 | 3212,087,296 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.13 00:23:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.12 23:09:19 | 000,000,938 | ---- | M] () -- C:\Users\Max Mustermann\Desktop\adwcleaner - Verknüpfung.lnk
[2012.07.12 21:24:33 | 000,002,591 | ---- | M] () -- C:\Users\Max Mustermann\Desktop\Microsoft Office Word 2007.lnk
[2012.06.28 23:50:59 | 000,314,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.27 21:40:07 | 000,002,497 | ---- | M] () -- C:\Users\Max Mustermann\Desktop\HiJackThis.lnk
[2012.06.27 19:33:13 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.27 19:16:10 | 000,000,680 | ---- | M] () -- C:\Users\Max Mustermann\AppData\Local\d3d9caps.dat
[2012.06.27 18:24:31 | 000,000,052 | ---- | M] () -- C:\ProgramData\lsvukeynxhvxwlp
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.14 17:54:51 | 000,000,897 | ---- | C] () -- C:\Users\Max Mustermann\Desktop\OTL - Verknüpfung.lnk
[2012.07.12 23:09:19 | 000,000,938 | ---- | C] () -- C:\Users\Max Mustermann\Desktop\adwcleaner - Verknüpfung.lnk
[2012.06.28 23:50:19 | 3212,087,296 | -HS- | C] () -- C:\hiberfil.sys
[2012.06.27 19:33:13 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.27 18:24:24 | 000,000,052 | ---- | C] () -- C:\ProgramData\lsvukeynxhvxwlp
[2011.07.29 12:12:03 | 000,000,000 | ---- | C] () -- C:\Users\Max Mustermann\AppData\Local\{8511E44F-63D3-4167-96C6-5CC9C54242AB}
[2011.04.12 23:07:50 | 000,200,704 | ---- | C] () -- C:\Windows\System32\SvcMan.exe
[2011.04.12 23:07:50 | 000,040,960 | ---- | C] () -- C:\Windows\System32\W2KUSBIF.DLL
[2011.04.12 23:07:50 | 000,040,960 | ---- | C] () -- C:\Windows\System32\spusbif.dll
[2011.04.12 23:07:50 | 000,001,593 | ---- | C] () -- C:\Windows\System32\portex16.dll
[2010.12.31 12:48:56 | 000,208,552 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2010.11.28 15:55:11 | 000,000,680 | ---- | C] () -- C:\Users\Max Mustermann\AppData\Local\d3d9caps.dat
[2010.08.08 16:03:55 | 000,000,218 | ---- | C] () -- C:\Users\Max Mustermann\.recently-used.xbel
[2010.08.08 13:18:47 | 000,000,047 | ---- | C] () -- C:\Users\Max Mustermann\.gtk-bookmarks
[2009.09.03 23:44:20 | 000,001,028 | ---- | C] () -- C:\Users\Max Mustermann\AppData\Roaming\WavCodec.wff
[2009.07.19 13:29:43 | 000,025,600 | ---- | C] () -- C:\Users\Max Mustermann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.14 17:16:47 | 000,000,600 | ---- | C] () -- C:\Users\Max Mustermann\AppData\Local\PUTTY.RND
[2009.05.18 16:58:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.04.27 17:16:09 | 000,000,000 | ---- | C] () -- C:\Users\Max Mustermann\AppData\Roaming\wklnhst.dat
========== LOP Check ==========
[2012.07.12 23:39:24 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Ahabg
[2010.07.08 08:56:17 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\CheckPoint
[2011.02.23 22:18:20 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Crtvis
[2012.07.14 17:52:40 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Dropbox
[2012.07.12 23:39:23 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Ereta
[2011.06.30 23:43:55 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\FileZilla
[2010.03.23 00:03:10 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\FireShot
[2010.08.08 13:19:01 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\gtk-2.0
[2009.07.12 14:56:59 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\ICQ
[2010.08.05 17:11:42 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\iView
[2011.09.07 07:59:42 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Msnet
[2009.09.03 23:13:49 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\NCH Swift Sound
[2012.07.13 00:07:04 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Orabli
[2009.09.03 21:18:28 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\phonostar-Player
[2010.08.08 10:19:57 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\RawTherapeeAlpha
[2009.08.12 12:47:05 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\ScanSoft
[2009.09.01 18:46:18 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\SecondLife
[2009.08.26 20:26:17 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Sony
[2010.01.21 19:14:11 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Thunderbird
[2012.01.10 21:37:20 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\toolplugin
[2010.07.08 08:15:57 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Uniblue
[2011.07.20 19:55:24 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Vodafone
[2010.08.16 19:25:04 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\XSManager
[2012.07.13 00:41:12 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.14 18:05:00 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.08.05 17:11:26 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Adobe
[2012.07.12 23:39:24 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Ahabg
[2012.03.14 16:53:44 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Apple Computer
[2011.11.24 23:25:17 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Avira
[2010.07.08 08:56:17 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\CheckPoint
[2010.06.03 16:18:06 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Corel
[2011.02.23 22:18:20 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Crtvis
[2011.01.09 20:35:39 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\CyberLink
[2012.01.05 22:51:41 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\DivX
[2012.07.14 17:52:40 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Dropbox
[2012.07.12 23:39:23 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Ereta
[2009.11.23 21:35:37 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\FastStone
[2011.06.30 23:43:55 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\FileZilla
[2010.03.23 00:03:10 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\FireShot
[2011.07.20 20:01:53 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\FLEXnet
[2009.04.27 19:05:53 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Google
[2010.08.08 13:19:01 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\gtk-2.0
[2009.07.12 14:56:59 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\ICQ
[2009.04.27 17:10:32 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Identities
[2009.12.26 23:40:24 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\InstallShield
[2010.08.05 17:11:42 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\iView
[2009.04.30 15:55:48 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Macromedia
[2010.07.08 08:24:06 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Media Center Programs
[2012.06.24 08:36:25 | 000,000,000 | --SD | M] -- C:\Users\Max Mustermann\AppData\Roaming\Microsoft
[2009.05.11 19:06:52 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Mozilla
[2011.09.07 07:59:42 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Msnet
[2009.09.03 23:13:49 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\NCH Swift Sound
[2010.08.05 16:56:57 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Nero
[2012.07.13 00:07:04 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Orabli
[2009.09.03 21:18:28 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\phonostar-Player
[2010.08.08 10:19:57 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\RawTherapeeAlpha
[2009.08.12 12:47:05 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\ScanSoft
[2009.09.01 18:46:18 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\SecondLife
[2012.03.29 21:56:35 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Skype
[2012.03.29 21:54:46 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\skypePM
[2009.08.26 20:26:17 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Sony
[2009.06.25 23:17:28 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Talkback
[2010.01.21 19:14:11 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Thunderbird
[2012.01.10 21:37:20 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\toolplugin
[2010.07.08 08:15:57 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Uniblue
[2011.07.20 19:55:24 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\Vodafone
[2009.06.25 23:31:17 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\WinRAR
[2010.08.16 19:25:04 | 000,000,000 | ---D | M] -- C:\Users\Max Mustermann\AppData\Roaming\XSManager
< %APPDATA%\*.exe /s >
[2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Max Mustermann\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.05.24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Max Mustermann\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Max Mustermann\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2011.02.15 19:14:35 | 000,152,064 | ---- | M] () -- C:\Users\Max Mustermann\AppData\Roaming\Ereta\ifmuu.exe
[2010.11.28 16:56:53 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2012.06.22 14:07:16 | 000,060,824 | ---- | M] (getfireshot.com) -- C:\Users\Max Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\6bxs5b0k.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\crashreporter.exe
[2012.06.22 14:07:14 | 000,145,816 | ---- | M] (getfireshot.com) -- C:\Users\Max Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\6bxs5b0k.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fireshot-container.exe
[2012.06.22 14:06:54 | 000,074,648 | ---- | M] (getfireshot.com) -- C:\Users\Max Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\6bxs5b0k.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fireshot-deploy.exe
[2010.09.01 16:52:56 | 000,032,032 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Max Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\6bxs5b0k.default\extensions\nostmp\content\getPlusPlus_Adobe_reg.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.08.13 13:05:25 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys
[2008.08.13 13:05:25 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.08.13 13:05:25 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.08.13 13:05:25 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2007.05.17 21:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\HomeCinema\PowerDirector\EventLog.dll
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WININIT.EXE >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.21 04:24:47 | 000,403,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
< End of report >
--- --- ---
--- --- ---
[/code]
Dazu gab es noch eine "Extras.Txt":
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 14.07.2012 17:57:04 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Max Mustermann\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 51,17% Memory free
6,21 Gb Paging File | 4,72 Gb Available in Paging File | 75,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,56 Gb Total Space | 128,70 Gb Free Space | 46,20% Space Free | Partition Type: NTFS
Drive D: | 19,52 Gb Total Space | 9,69 Gb Free Space | 49,66% Space Free | Partition Type: FAT32
Computer Name: MaxMustermann-PC | User Name: Max Mustermann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1911406567-2329552222-4229325174-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{027E104C-1093-47E9-A7B8-9ABE0EA5D9ED}" = lport=137 | protocol=17 | dir=in | app=system |
"{3C42A060-4371-4CD4-B497-5BE246375EB3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3E446952-7A83-4493-A798-395F33C7A985}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4ECE95BF-C456-48B3-932E-AEE12EAEF5CD}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5FFF5452-5490-48C8-BD87-551BD05EF432}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6130AC7B-D7B0-46D2-93E0-23F7A349E565}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{614728C3-FEC0-4233-BD10-BF3C52008660}" = lport=445 | protocol=6 | dir=in | app=system |
"{63217BC4-1D91-4CBC-B317-3526E00669BC}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{80988EF1-A704-4B10-BAAB-CBDCEB504596}" = rport=137 | protocol=17 | dir=out | app=system |
"{82480774-D58C-43AE-9CC6-61DE1E8D3CAE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{833743FA-3FA3-4719-8137-E27E580D05D0}" = rport=139 | protocol=6 | dir=out | app=system |
"{9AE99CF3-A550-437F-86A0-821CEAEA3BB0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A4E51561-21DA-4432-A113-BDCF5E54EE1C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A6E9D04E-1AB4-4A26-955F-6421006B1CDD}" = rport=138 | protocol=17 | dir=out | app=system |
"{B028BB81-6971-498D-B9F5-102B44B1C3D6}" = rport=445 | protocol=6 | dir=out | app=system |
"{CBE69C69-EECA-4FD7-A324-3DD6997180F2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D301B0FA-B8B1-473C-9EBC-657E45510989}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D3649324-B1E8-40EC-9C30-534FA3CF257C}" = lport=139 | protocol=6 | dir=in | app=system |
"{F6990B08-69E8-4FF7-925C-07170459C69D}" = lport=138 | protocol=17 | dir=in | app=system |
"{F840691B-BF8A-4A8F-876A-3755D37766A6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA2CFE2-9386-41B1-9C3B-A40C3914F00F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2A78441F-1269-495F-8103-063A8AF0DDD2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{3725464A-4F61-4B0F-B6CB-FCC66DCD2150}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{378FFFF9-0E6A-42C7-8A71-218F4B41228A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3C39C23F-CC5A-4455-BFEF-D08B11FDB63A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{41B9B342-69DB-42B1-8B8E-5D38713703CE}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe |
"{486372A6-305F-4C2E-98BD-AF56F72F16E5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4AE9AA1D-9695-4006-B241-034F8520C769}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4B426F60-C9CE-4CE2-962C-279BDE02A1C2}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{50FEEF14-0DCE-4B03-8DCB-8DE062D257A6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5921E7B3-9037-4412-998A-D083E7E57923}" = protocol=17 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{5EDF855B-D570-41EE-A154-2CC05061773B}" = protocol=17 | dir=in | app=c:\users\Max Mustermann\appdata\roaming\dropbox\bin\dropbox.exe |
"{6BCC0C23-AB23-4975-BE96-AE315409BCFB}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{7E3345B5-DBC6-408D-A2C9-B8C87D4E7C50}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8E020BEE-0A1A-4B88-AEE2-78FAFE376077}" = dir=in | app=c:\program files\homecinema\powerdvd8\powerdvd8.exe |
"{8E83CF4F-ABEF-481D-A130-1B0534D0EFAF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8EAEDD8A-857F-467D-9D12-68AC9C48E329}" = dir=in | app=c:\program files\homecinema\makedisc\makedisc.exe |
"{9DB73701-DEF2-4240-943C-8F124282779A}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{A2FCFC3B-797A-4B21-BEE0-2B5EECC16D30}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A75CCDEE-E081-4B57-9B3C-07E0E4325477}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C097EDAB-865E-4D2A-86A9-33D9DC7A358C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CA5314F2-4E7F-4668-ACD7-821D7CA5BE7B}" = protocol=6 | dir=in | app=c:\program files\companion suite pro lm2\mfservices.exe |
"{E12CEF1A-FEFB-49E5-936A-BA38F29912CE}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{E785881A-03FD-49E1-B61F-9D3C6CFDA018}" = protocol=6 | dir=in | app=c:\users\Max Mustermann\appdata\roaming\dropbox\bin\dropbox.exe |
"{F22D78C5-A6BC-4F11-B28A-AADE169C78C8}" = protocol=6 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{FBC5C25E-0B77-4DC0-9FDD-59DF8F8421AE}" = protocol=17 | dir=in | app=c:\program files\companion suite pro lm2\mfservices.exe |
"{FF80CD5A-6170-45DE-B8F4-FC6D3FE17F5E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{1C0179A0-11F0-45D6-B209-7BB9C7CF8BF0}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe |
"TCP Query User{389BD513-A067-462E-8E12-7D8F5121860C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{625EAF74-0950-4D9F-B42B-A8F574AE7A44}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"TCP Query User{6390308E-E19C-46CE-B119-BE31C6B5A24A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{7D85855B-FD27-4713-9BEF-96465C490E22}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe |
"TCP Query User{8307E40D-9A98-49B9-BEF6-572FCD88A88A}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{A350ADAC-BBCF-455D-A8B3-11655AA22C15}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{CD556F3B-76F1-4C7B-8EE4-C3F363CB92F6}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D4954BE8-776F-4425-A690-136C588CCA07}C:\users\Max Mustermann\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\Max Mustermann\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{DADA446D-765E-462A-A8A0-348DA97B5250}C:\program files\sony ericsson\update service\update service.exe" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"UDP Query User{2A72FC54-DA08-41A9-9861-3893EA9BE517}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{36E4853E-13C3-4B7A-A665-10E5FD9CEA87}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{53BED480-2379-4476-9532-7C23A37E8137}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe |
"UDP Query User{56610E76-7CAE-4C67-B641-A95BBC02E492}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{7C4D38F5-D0FE-468B-8E17-0638DEB4B213}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{82C93E1D-5EC2-4082-94AB-A6B6FC007FA3}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe |
"UDP Query User{882859B0-1823-4A81-81EA-062B395BE651}C:\users\Max Mustermann\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\Max Mustermann\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{8E552639-918A-4C16-A77F-9F61B0BDC8ED}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"UDP Query User{9C8BA727-F2EE-417B-B6DC-C2FE216D2237}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{CB0EB1CC-7DFE-46AE-8DBA-DF41032894E6}C:\program files\sony ericsson\update service\update service.exe" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47948554-90C6-4AAC-8CFA-D23CE11C1031}" = Nero 8 Essentials
"{48AB06FF-059D-43DE-ACC1-15920D5A7FF2}" = JRE 1.4.2
"{4AA863D0-EC08-415B-B4AF-FD0A9DFC8C91}" = ScanSoft PaperPort 10
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1" = Poedit
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite
"{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{82F2B38B-1426-443D-874C-AC25675E7BEB}" = Windows Live Mail
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}" = Sony Ericsson Media Manager 1.2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BC60D4B-C688-4646-A1FC-730BE6DD5E9D}" = Companion Suite Pro LM2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A1D08B90-AE1A-4885-AC29-731496FD397E}" = Windows Live Fotogalerie
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B256C380-AC47-4681-8342-7F42E4F0F434}" = JRE 1.6.1
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B8D42C3A-3CFF-4A8A-A7DA-4F44474D12C5}" = Windows Live Writer
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{C095AB64-EF16-4636-9A78-5E72C3DC3173}" = Auerswald COMset 2.6.29
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D41A58D3-DF92-428E-BD8F-771853277E3F}" = ScanSoft OmniPage SE 3.0
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{FB838FDB-0C2D-44EC-8C40-F69C5CDABFCC}" = Samsung SCX-4100 Series - TWAIN
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Avira AntiVir Desktop" = Avira Free Antivirus
"DivX Setup" = DivX-Setup
"ESET Online Scanner" = ESET Online Scanner v3
"ExpressBurn" = Express Burn
"FastStone Image Viewer" = FastStone Image Viewer 4.0
"FileZilla Client" = FileZilla Client 3.2.6.1
"FormatFactory" = FormatFactory 2.45
"Google Chrome" = Google Chrome
"Hardcopy(C__Program Files_Hardcopy)" = Hardcopy (C:\Program Files\Hardcopy)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"Mozilla Thunderbird 12.0.1 (x86 de)" = Mozilla Thunderbird 12.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"phonostarRadioPlayer_is1" = phonostar-Player Version 2.01.5
"Samsung SCX-4100 Series" = Samsung SCX-4100 Series
"SecondLife" = SecondLife (remove only)
"Security Task Manager" = Security Task Manager 1.8d
"Switch" = Switch Sound File Converter
"toolplugin" = toolplugin
"Trillian" = Trillian
"Update Service" = Update Service
"Veetle TV" = Veetle TV 0.9.18
"vShare.tv plugin" = vShare.tv plugin 1.3
"WavePad" = WavePad Sound Editor
"WinRAR archiver" = WinRAR
"XSManager" = XSManager
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1911406567-2329552222-4229325174-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.07.2012 12:21:01 | Computer Name = MaxMustermann-PC | Source = Windows Search Service | ID = 3032
Description =
Error - 14.07.2012 12:21:03 | Computer Name = MaxMustermann-PC | Source = Windows Search Service | ID = 3032
Description =
Error - 14.07.2012 12:21:04 | Computer Name = MaxMustermann-PC | Source = Windows Search Service | ID = 3032
Description =
Error - 14.07.2012 12:21:05 | Computer Name = MaxMustermann-PC | Source = Windows Search Service | ID = 3032
Description =
Error - 14.07.2012 12:21:06 | Computer Name = MaxMustermann-PC | Source = Windows Search Service | ID = 3032
Description =
Error - 14.07.2012 12:21:08 | Computer Name = MaxMustermann-PC | Source = Windows Search Service | ID = 3032
Description =
Error - 14.07.2012 12:21:09 | Computer Name = MaxMustermann-PC | Source = Windows Search Service | ID = 3032
Description =
Error - 14.07.2012 12:21:11 | Computer Name = MaxMustermann-PC | Source = Windows Search Service | ID = 3032
Description =
Error - 14.07.2012 12:21:11 | Computer Name = MaxMustermann-PC | Source = Windows Search Service | ID = 3032
Description =
Error - 14.07.2012 12:21:13 | Computer Name = MaxMustermann-PC | Source = Windows Search Service | ID = 3032
Description =
[ System Events ]
Error - 12.07.2012 10:21:34 | Computer Name = MaxMustermann-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12.07.2012 14:37:33 | Computer Name = MaxMustermann-PC | Source = HTTP | ID = 15016
Description =
Error - 12.07.2012 14:39:09 | Computer Name = MaxMustermann-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12.07.2012 14:39:09 | Computer Name = MaxMustermann-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12.07.2012 17:11:18 | Computer Name = MaxMustermann-PC | Source = HTTP | ID = 15016
Description =
Error - 12.07.2012 17:12:52 | Computer Name = MaxMustermann-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12.07.2012 17:12:52 | Computer Name = MaxMustermann-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 14.07.2012 11:50:06 | Computer Name = MaxMustermann-PC | Source = HTTP | ID = 15016
Description =
Error - 14.07.2012 11:51:40 | Computer Name = MaxMustermann-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 14.07.2012 11:51:40 | Computer Name = MaxMustermann-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
--- --- ---
[/code] |
