| MRFamily1310 | 19.01.2013 20:07 |
Hi,
hier die txt datei:OTL Logfile: Code:
OTL logfile created on: 19.01.2013 19:21:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mrfamily\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,75 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 59,56% Memory free
5,50 Gb Paging File | 3,94 Gb Available in Paging File | 71,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144,17 Gb Total Space | 90,11 Gb Free Space | 62,50% Space Free | Partition Type: NTFS
Drive D: | 144,15 Gb Total Space | 142,90 Gb Free Space | 99,13% Space Free | Partition Type: NTFS
Drive F: | 7,39 Gb Total Space | 7,33 Gb Free Space | 99,11% Space Free | Partition Type: FAT32
Computer Name: MRFAMILY-PC | User Name: mrfamily | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.01.19 19:20:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mrfamily\Downloads\OTL.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.14 16:29:18 | 001,522,912 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2012.12.14 16:28:58 | 000,906,464 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2012.11.09 09:13:50 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012.11.09 09:13:50 | 000,711,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012.08.28 07:41:08 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.08.28 07:41:06 | 000,247,768 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012.08.13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2012.07.31 02:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012.07.17 14:14:08 | 000,132,056 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
PRC - [2012.03.14 10:13:15 | 001,693,120 | ---- | M] (Discordia, LTD) -- C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2012.02.14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.12.23 13:07:20 | 000,881,144 | ---- | M] (Iminent) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
PRC - [2011.12.23 13:07:20 | 000,445,416 | ---- | M] (Iminent) -- C:\Program Files (x86)\Iminent\Iminent.exe
PRC - [2011.11.07 20:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
========== Modules (No Company Name) ==========
MOD - [2013.01.17 20:19:16 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\4f91a66a3f10565b979b758f6f08e8cc\WindowsFormsIntegration.ni.dll
MOD - [2013.01.13 21:55:16 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013.01.12 22:32:34 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll
MOD - [2013.01.12 22:32:05 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013.01.12 22:32:00 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll
MOD - [2013.01.12 22:31:50 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll
MOD - [2013.01.12 11:30:12 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\649a3da64c9abb2e533202e438440b09\System.Configuration.Install.ni.dll
MOD - [2013.01.12 11:29:27 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\aa0c82eddc6cc12961a92835f777dcc0\System.Web.Services.ni.dll
MOD - [2013.01.12 11:29:20 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll
MOD - [2013.01.12 11:28:55 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll
MOD - [2013.01.12 11:28:51 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll
MOD - [2013.01.12 11:28:45 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
MOD - [2013.01.12 11:27:59 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.01.12 11:27:54 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013.01.12 11:26:29 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013.01.12 11:25:55 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.12 11:25:40 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013.01.12 11:25:09 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.12 11:24:53 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.12 11:24:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.12 11:24:38 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.12 11:23:34 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.11.09 09:13:50 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012.11.09 09:13:50 | 000,566,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll
MOD - [2012.11.09 09:13:50 | 000,134,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll
MOD - [2012.06.03 21:36:29 | 000,790,520 | ---- | M] () -- C:\Windows\SysWOW64\protector.dll
MOD - [2011.12.23 13:07:28 | 000,910,840 | ---- | M] () -- C:\Program Files (x86)\Iminent\System.Data.SQLite.dll
MOD - [2011.12.23 13:07:26 | 000,204,280 | ---- | M] () -- C:\Program Files (x86)\Iminent\Iminent.Workflow.dll
MOD - [2011.12.23 13:07:26 | 000,067,576 | ---- | M] () -- C:\Program Files (x86)\Iminent\Iminent.Windows.dll
MOD - [2011.12.23 13:07:22 | 006,273,016 | ---- | M] () -- C:\Program Files (x86)\Iminent\Iminent.Mediator.ActivePlayers.dll
MOD - [2011.12.23 13:07:22 | 001,524,728 | ---- | M] () -- C:\Program Files (x86)\Iminent\Iminent.Services.dll
MOD - [2011.12.23 13:07:22 | 000,587,256 | ---- | M] () -- C:\Program Files (x86)\Iminent\Iminent.Booster.UI.dll
MOD - [2011.12.23 13:04:48 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Iminent\de\Iminent.Booster.UI.resources.dll
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.05.26 09:33:16 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.05.26 09:24:42 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2011.05.26 09:24:42 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011.05.26 09:24:42 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_de_b77a5c561934e089\SMDiagnostics.resources.dll
MOD - [2010.11.21 04:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009.06.10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
========== Services (SafeList) ==========
SRV:64bit: - [2009.08.18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.01.13 20:19:04 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 16:29:18 | 001,522,912 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.12.14 16:28:58 | 000,906,464 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012.11.29 16:06:12 | 002,401,632 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.11.09 09:13:50 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012.08.28 07:41:08 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.08.13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2012.07.17 14:14:08 | 000,132,056 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2012.02.14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.11.07 20:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.11.09 09:13:50 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012.09.28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.24 14:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.26 02:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012.04.19 03:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.31 03:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011.12.23 12:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.12.23 12:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.12.23 12:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.05.26 09:41:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.05.26 09:41:41 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.08.18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 03:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.11.16 16:38:44 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD23}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD23}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=116&systemid=3&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD23}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD23}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=116&systemid=3&sr=0&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?AF=100346&babsrc=HP_ss&mntrId=b24d301b0000000000000017c4347dd5
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.shareazaweb.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4D B0 8B 55 3F F3 CC 01 [binary data]
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD23}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=100346&babsrc=SP_ss&mntrId=b24d301b0000000000000017c4347dd5
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={D662C43D-3D46-4E5F-B30E-B94E96852045}&mid=bc51ccfd514c47d19077d154343757f8-2a90667d74edd71aebabf046d7a05fd4b2605fc2&lang=de&ds=AVG&pr=fr&d=2012-02-25 21:40:26&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD23}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=116&systemid=3&sr=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..ct3241949.browser.search.defaultthis.enginename: true
FF - prefs.js..browser.search.defaultenginename: "search the web (babylon)"
FF - prefs.js..browser.search.order.1: "search the web (babylon)"
FF - prefs.js..browser.search.selectedengine: "fileconverter 1.3 customized web search"
FF - prefs.js..browser.search.usedbfororder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=ct3241949&searchsource=13&cui=sb_cui"
FF - prefs.js..extensions.enabledAddons: info%40youtube-mp3.org:1.0.4
FF - prefs.js..extensions.enabledAddons: %7be4a8a97b-f2ed-450b-b12d-ee082ba24781%7d:1.6
FF - prefs.js..extensions.enabledAddons: %7b78e516ef-11de-47a1-8364-a99b917ec5ee%7d:10.13.40.15
FF - prefs.js..extensions.enabledAddons: %7b972ce4c6-7e08-4474-a285-3208198ce6fd%7d:18.0
FF - prefs.js..extensions.enabledAddons: avg@toolbar:10.2.0.3
FF - prefs.js..keyword.url: "hxxp://search.conduit.com/resultsext.aspx?ctid=ct3241949&searchsource=2&cui=sb_cui&q="
FF - prefs.js..keyword.url: "hxxp://search.babylon.com/?af=100346&babsrc=adbartrp&mntrid=b24d301b0000000000000017c4347dd5&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.09.11 16:37:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.01.20 04:02:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.13 20:19:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.13 20:19:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.11.09 22:22:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrfamily\AppData\Roaming\mozilla\Extensions
[2012.11.09 22:22:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrfamily\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.01.20 04:02:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrfamily\AppData\Roaming\mozilla\Firefox\Profiles\bqkkuw5o.default\extensions
[2013.01.20 04:02:41 | 000,000,000 | ---D | M] (FileConverter 1.3) -- C:\Users\mrfamily\AppData\Roaming\mozilla\Firefox\Profiles\bqkkuw5o.default\extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee}
[2013.01.20 04:02:42 | 000,000,000 | ---D | M] (Wincore MediaBar) -- C:\Users\mrfamily\AppData\Roaming\mozilla\Firefox\Profiles\bqkkuw5o.default\extensions\{d48c9ead-f59f-4dea-ac97-7065fea79f42}
[2013.01.20 04:02:41 | 000,000,000 | ---D | M] (SaveByclick) -- C:\Users\mrfamily\AppData\Roaming\mozilla\Firefox\Profiles\bqkkuw5o.default\extensions\50f31f36251c1@50f31f36251f8.com
[2013.01.20 04:02:41 | 000,000,000 | ---D | M] ("I Want This") -- C:\Users\mrfamily\AppData\Roaming\mozilla\Firefox\Profiles\bqkkuw5o.default\extensions\crossriderapp2258@crossrider.com
[2013.01.18 22:00:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrfamily\AppData\Roaming\mozilla\Firefox\Profiles\bqkkuw5o.default\extensions\crossriderapp2258@crossrider.com\chrome\content\extensionCode
[2012.10.24 20:45:46 | 000,006,796 | ---- | M] () (No name found) -- C:\Users\mrfamily\AppData\Roaming\mozilla\firefox\profiles\bqkkuw5o.default\extensions\info@youtube-mp3.org.xpi
[2013.01.18 18:21:34 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\mrfamily\AppData\Roaming\mozilla\firefox\profiles\bqkkuw5o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.18 18:12:40 | 000,266,840 | ---- | M] () (No name found) -- C:\Users\mrfamily\AppData\Roaming\mozilla\firefox\profiles\bqkkuw5o.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.01.19 19:11:32 | 000,001,064 | ---- | M] () -- C:\Users\mrfamily\AppData\Roaming\mozilla\firefox\profiles\bqkkuw5o.default\searchplugins\fileconverter-13-customized-web-search.xml
[2012.10.17 09:48:20 | 000,002,515 | ---- | M] () -- C:\Users\mrfamily\AppData\Roaming\mozilla\firefox\profiles\bqkkuw5o.default\searchplugins\Search_Results.xml
[2012.10.17 09:48:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.03.11 18:04:48 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files (x86)\mozilla firefox\extensions\webbooster@iminent.com
[2013.01.13 20:19:04 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.02 20:23:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.09 09:14:14 | 000,003,572 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.06.03 21:30:34 | 000,002,313 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.09.03 22:11:36 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.02 20:23:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.02 20:23:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.17 09:48:20 | 000,002,515 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012.07.02 20:23:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.02 20:23:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://search.shareazaweb.net
CHR - default_search_provider: Search Results ()
CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&appid=116&systemid=3&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://search.shareazaweb.net
CHR - plugin: Erster Nutzer (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Error reading preferences file
CHR - Extension: YouTube = C:\Users\mrfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\mrfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Users\mrfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (DataMngr) - {64E2F96A-4FE4-4aa8-90B0-2A929AB6AA88} - C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\x64\BROWSE~1.DLL (Discordia, LTD)
O2 - BHO: (SaveByclick) - {0CB1BDB9-37FC-E3D2-26D0-563A9408885F} - C:\ProgramData\SaveByclick\50f31f3625327.dll ()
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files (x86)\I Want This\I Want This.dll (215 Apps)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DataMngr) - {64E2F96A-4FE4-4aa8-90B0-2A929AB6AA88} - C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\BROWSE~1.DLL (Discordia, LTD)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Wincore MediaBar) - {d48c9ead-f59f-4dea-ac97-7065fea79f42} - C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\ToolBar\mediabarshX.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Wincore MediaBar) - {d48c9ead-f59f-4dea-ac97-7065fea79f42} - C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\ToolBar\mediabarshX.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\DATAMN~1.EXE (Discordia, LTD)
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Driver Whiz] C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe (PC Drivers Headquarters)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11g_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA841A3D-E738-424F-8418-7F67EF2EF5AC}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (protector.dll) - File not found
O20 - AppInit_DLLs: (protector.dll) - C:\Windows\SysWow64\protector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{97a3f84b-5f30-11e1-9c8e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{97a3f84b-5f30-11e1-9c8e-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{a7a81789-ff16-11e1-b850-001d72d3be0b}\Shell - "" = AutoRun
O33 - MountPoints2\{a7a81789-ff16-11e1-b850-001d72d3be0b}\Shell\AutoRun\command - "" = G:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013.01.19 18:45:06 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.18 23:31:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.18 23:30:51 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.18 18:32:08 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.01.18 18:31:57 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.01.18 18:31:57 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.01.18 18:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.01.18 18:31:12 | 000,000,000 | ---D | C] -- C:\Users\mrfamily\AppData\Roaming\TuneUp Software
[2013.01.18 18:31:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.01.18 18:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.01.18 18:30:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.01.13 21:36:11 | 000,000,000 | ---D | C] -- C:\Users\mrfamily\AppData\Roaming\PDF Architect
[2013.01.13 21:34:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveByclick
[2013.01.13 21:34:52 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveByclick
[2013.01.13 21:34:41 | 000,000,000 | ---D | C] -- C:\Users\mrfamily\AppData\Roaming\APP_NAME_NON_STRING
[2013.01.13 21:34:30 | 000,000,000 | ---D | C] -- C:\Users\mrfamily\Documents\PDF Architect Files
[2013.01.13 21:34:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
[2013.01.13 21:34:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Architect
[2013.01.13 21:33:45 | 000,000,000 | ---D | C] -- C:\Users\mrfamily\AppData\Roaming\pdfforge
[2013.01.13 21:33:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2013.01.13 21:33:41 | 000,103,936 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2013.01.13 21:33:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2013.01.13 21:32:52 | 000,000,000 | ---D | C] -- C:\Users\mrfamily\AppData\Local\Programs
[2013.01.03 15:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.01.03 15:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.01.03 15:10:40 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.01.03 15:10:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.01.03 15:10:40 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.01.03 15:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.01.03 15:06:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.01.19 19:14:58 | 000,027,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.19 19:14:58 | 000,027,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.19 19:14:01 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.19 19:10:07 | 106,782,800 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2013.01.19 19:06:30 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.19 19:05:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.19 19:05:32 | 2213,351,424 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.13 21:33:47 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2013.01.12 22:16:59 | 000,189,308 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2013.01.12 11:38:35 | 001,519,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.12 11:38:35 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.12 11:38:35 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.12 11:38:35 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.12 11:38:35 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.12 11:20:21 | 000,416,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.03 15:11:17 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.03 15:07:01 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013.01.01 23:55:50 | 000,001,229 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.18 18:31:48 | 000,002,201 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.01.13 21:33:47 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2013.01.03 15:11:17 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.03 15:07:01 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.10.17 09:50:17 | 000,003,584 | ---- | C] () -- C:\Users\mrfamily\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.03 22:10:39 | 000,148,426 | ---- | C] () -- C:\Windows\hphins33.dat
[2012.06.03 22:10:39 | 000,000,512 | ---- | C] () -- C:\Windows\hphmdl33.dat
[2012.06.03 21:36:29 | 000,790,520 | ---- | C] () -- C:\Windows\SysWow64\protector.dll
[2012.02.24 22:47:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.01.13 21:34:41 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\APP_NAME_NON_STRING
[2012.02.25 21:41:45 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\AVG2012
[2012.06.03 21:30:23 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\Babylon
[2013.01.20 04:02:41 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\Canneverbe Limited
[2013.01.20 04:02:41 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2013.01.20 04:02:41 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\elsterformular
[2012.03.11 18:05:06 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\Iminent
[2012.10.17 09:48:18 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\MusicNet
[2012.09.18 21:52:26 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\PCCUStubInstaller
[2013.01.13 21:36:23 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\PDF Architect
[2013.01.13 21:33:45 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\pdfforge
[2012.10.13 20:27:13 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\PhotoScape
[2013.01.20 04:02:42 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\TomTom
[2013.01.18 18:31:12 | 000,000,000 | ---D | M] -- C:\Users\mrfamily\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012.08.28 19:52:03 | 000,000,000 | ---D | M] -- C:\$AVG
[2013.01.20 04:03:42 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.02.25 07:42:43 | 000,000,000 | ---D | M] -- C:\Boot
[2013.01.18 22:45:52 | 000,000,000 | ---D | M] -- C:\Config.Msi
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.02.24 22:53:01 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.02.24 23:03:07 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.03.18 13:04:58 | 000,000,000 | ---D | M] -- C:\output
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.01.03 15:10:41 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.01.20 04:03:43 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.01.20 04:03:47 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.02.24 22:53:01 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.01.19 18:45:09 | 000,000,000 | ---D | M] -- C:\Qoobox
[2012.02.24 22:53:01 | 000,000,000 | ---D | M] -- C:\Recovery
[2013.01.19 19:24:13 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.01.20 04:03:09 | 000,000,000 | R--D | M] -- C:\Users
[2013.01.20 04:03:55 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.21 04:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.02.25 22:30:11 | 000,001,110 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.02.25 22:30:13 | 000,001,114 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.05.26 09:39:16 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.05.26 09:39:16 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.05.26 09:39:16 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.05.26 09:39:16 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.05.26 09:39:16 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.05.26 09:39:16 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: IASTORV.SYS >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.05.26 09:41:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.05.26 09:41:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.05.26 09:41:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.05.26 09:41:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011.05.26 09:41:40 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.05.26 09:41:40 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.05.26 09:41:40 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.05.26 09:41:40 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2012.11.14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2012.06.03 21:36:29 | 000,790,520 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\protector.dll
< %USERPROFILE%\*.* >
[2013.01.19 19:45:10 | 002,359,296 | -HS- | M] () -- C:\Users\mrfamily\ntuser.dat
[2013.01.19 19:45:10 | 000,262,144 | -HS- | M] () -- C:\Users\mrfamily\ntuser.dat.LOG1
[2012.02.24 22:54:01 | 000,000,000 | -HS- | M] () -- C:\Users\mrfamily\ntuser.dat.LOG2
[2012.02.24 22:54:52 | 000,065,536 | -HS- | M] () -- C:\Users\mrfamily\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.02.24 22:54:52 | 000,524,288 | -HS- | M] () -- C:\Users\mrfamily\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.02.24 22:54:52 | 000,524,288 | -HS- | M] () -- C:\Users\mrfamily\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.10.14 11:29:15 | 000,065,536 | -HS- | M] () -- C:\Users\mrfamily\ntuser.dat{91124358-15e4-11e2-a93d-001d72d3be0b}.TM.blf
[2012.10.14 11:29:15 | 000,524,288 | -HS- | M] () -- C:\Users\mrfamily\ntuser.dat{91124358-15e4-11e2-a93d-001d72d3be0b}.TMContainer00000000000000000001.regtrans-ms
[2012.10.14 11:29:15 | 000,524,288 | -HS- | M] () -- C:\Users\mrfamily\ntuser.dat{91124358-15e4-11e2-a93d-001d72d3be0b}.TMContainer00000000000000000002.regtrans-ms
[2013.01.19 19:06:26 | 000,065,536 | -HS- | M] () -- C:\Users\mrfamily\ntuser.dat{c02c936c-6262-11e2-aa88-001d72d3be0b}.TM.blf
[2013.01.19 19:06:26 | 000,524,288 | -HS- | M] () -- C:\Users\mrfamily\ntuser.dat{c02c936c-6262-11e2-aa88-001d72d3be0b}.TMContainer00000000000000000001.regtrans-ms
[2013.01.19 19:06:26 | 000,524,288 | -HS- | M] () -- C:\Users\mrfamily\ntuser.dat{c02c936c-6262-11e2-aa88-001d72d3be0b}.TMContainer00000000000000000002.regtrans-ms
[2012.02.24 22:54:02 | 000,000,020 | -HS- | M] () -- C:\Users\mrfamily\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< End of report >
--- --- ---
und die extra datei:OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 19.01.2013 19:21:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mrfamily\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,75 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 59,56% Memory free
5,50 Gb Paging File | 3,94 Gb Available in Paging File | 71,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144,17 Gb Total Space | 90,11 Gb Free Space | 62,50% Space Free | Partition Type: NTFS
Drive D: | 144,15 Gb Total Space | 142,90 Gb Free Space | 99,13% Space Free | Partition Type: NTFS
Drive F: | 7,39 Gb Total Space | 7,33 Gb Free Space | 99,11% Space Free | Partition Type: FAT32
Computer Name: MRFAMILY-PC | User Name: mrfamily | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Mueller Foto\Mueller Foto\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Müller Foto] -- "C:\Program Files (x86)\Mueller Foto\Mueller Foto\Müller Foto.exe" "%1" ()
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Mueller Foto\Mueller Foto\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Müller Foto] -- "C:\Program Files (x86)\Mueller Foto\Mueller Foto\Müller Foto.exe" "%1" ()
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19475DE8-B70D-44F5-A417-C294D0AE75E3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{23772CED-577E-40B1-BFF8-1B450A8B29F2}" = rport=137 | protocol=17 | dir=out | app=system |
"{25C2873C-3D0C-4D39-BE2B-F0441D9F82EB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3D4C2620-2C34-4325-9E67-7A6D3F012ECC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{548C897C-52B5-46C5-A37B-5A68F0D4A596}" = lport=10243 | protocol=6 | dir=in | app=system |
"{57CC5FA1-5E1A-4CB4-90B4-27649BBD09E8}" = rport=139 | protocol=6 | dir=out | app=system |
"{6AF3B3D7-CEAE-443C-B61C-8A6286272386}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{78CB2F91-103D-4FA2-8D4E-2450C63F6EC1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{815767C3-F04E-44E3-A11B-82C3E111AA2B}" = lport=139 | protocol=6 | dir=in | app=system |
"{84A6EC91-E4F6-41A5-BD89-0CCEB47158B1}" = lport=137 | protocol=17 | dir=in | app=system |
"{8860D6C5-3FD9-4D98-B608-429E00C0975C}" = rport=445 | protocol=6 | dir=out | app=system |
"{8C29CD06-7F92-432F-8825-E27CE12722B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9246DB2A-A562-499C-B3E4-65BAF22E29DE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A024F439-9E3E-4AD9-9866-6761D7C9E208}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A1E2F5BA-7E17-4171-80F6-6FCCB3C423F2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A2D69F80-B44B-429D-8AA2-BFCE9BBF521D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B0B9B613-B22C-479D-92F2-58B24E6B016F}" = lport=445 | protocol=6 | dir=in | app=system |
"{B23A3CF6-AA08-4145-A787-D04A5ED421F9}" = rport=138 | protocol=17 | dir=out | app=system |
"{BC6A0133-02B0-4852-9C93-C413D2109E93}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E0C88BF6-6AB3-4461-8BC0-AE607B4EAA6D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E3EAC0DC-DD96-4110-B9C6-C8FEFFCA728F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED5632E3-B4D7-472E-8D02-E467A651F13B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F7EDEF0E-C8F8-4690-942E-BE5DCCDF8169}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FCF7F273-5A03-404E-B253-2AA834F23623}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{010172B4-9DB0-41CC-9E20-AFE8334E0850}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{089DCDEA-562B-4E38-AFDC-3A09E6378C26}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0E0E9F58-441E-4A99-9EBA-035FBD614CCB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{16F955A5-6BB8-41F6-8A85-3C0B7EAF9A20}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{183098FE-E4AB-4719-8EE0-4AE5E041B98F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1C9221E4-34AA-4179-9EA0-AF31C28136DA}" = protocol=6 | dir=in | app=c:\program files (x86)\shareaza applications\mediabar\datamngr\toolbar\dtuser.exe |
"{1E760706-7D31-4020-A542-633589CD72D5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{206B4A70-A252-44FB-8085-9D48D113F5D6}" = protocol=6 | dir=in | app=c:\program files (x86)\shareaza applications\shareaza\shareaza.exe |
"{24F54474-4487-42EB-B404-84A3A7CCFA90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2AAD7329-D3F1-41F6-9026-7486A8909340}" = protocol=17 | dir=in | app=c:\program files (x86)\shareaza applications\shareaza\shareaza.exe |
"{31422286-79B1-4678-871E-2C6DD9E5DF18}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{35A61DF7-E2AD-4D12-9B03-A22C538DB8DF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{37CC387D-93A4-4E55-97DD-F9E33D334FEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3D24D2A3-67A3-44AD-8643-749BA38065C6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{43563373-456E-4868-B604-E9134B2E7DD3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{47B5016C-283C-4C6B-88E7-5853B0F1D49E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{6E5D02FE-801B-42BF-9B23-423530A04528}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{7EF8E1C8-BA85-4BB9-9537-C777431523E7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8025E317-C324-498B-990B-5AF168F55E1A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8EFF85DD-527E-436D-884E-69E48A3F81DC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{93030FAA-8F88-435C-9F34-FABE91F69D17}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{986E4A34-315F-4424-BF9E-FE438CD45285}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{9900F521-CD9F-447B-812C-014CF5B0B156}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A1F98F70-D704-43A5-8518-E1EE66D1109C}" = protocol=6 | dir=out | app=system |
"{A29E49F6-DD06-405F-8F0E-54B5D6BA028F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A53759F2-4E57-4D7F-9FAA-7DA40AD48E5F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B02062D5-2C87-464B-B825-62830F427ED3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{BC2A486B-3BB0-4877-8FC2-84738B1B2AF6}" = protocol=6 | dir=in | app=c:\program files (x86)\shareaza applications\shareaza\shareaza.exe |
"{BC6808C3-E2C4-4E19-95E7-A009B5EC216F}" = dir=in | app=c:\program files (x86)\iminent\iminent.exe |
"{BF5539C9-CEAB-4CA8-A067-E164B223A6B1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C194524C-9D86-48C8-839D-2F4ABE0A4EAA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{C1C31E29-D08E-4EF9-83D2-68C7286F9CE1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C7E8663C-BE0D-4C46-8033-A43764C2CD32}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C94FD0C4-D9AB-4F2A-AEF3-0B6CEA81D4B9}" = protocol=17 | dir=in | app=c:\program files (x86)\shareaza applications\mediabar\datamngr\toolbar\dtuser.exe |
"{CA10A249-081D-4AC9-85BB-A86AD4CEDADE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CCABC946-4FE5-43D3-BED7-0BBDF6261C44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D4920809-9E1C-49E7-A514-0A0CA65F1717}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D8EF149F-BCFB-4118-8A0F-ABFF7C816621}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E3710852-FB81-44DB-B82B-326CB5A08E11}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E4089476-C0AF-4D3A-80AB-9E7E81C285F7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E4B1AF34-1C9F-400F-BA30-BA3B110BB2C0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EEB6C312-02F8-41D2-8ACC-01046564B82F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{EFA36441-0FAB-4C77-97D3-250D36CD5437}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F68F747D-C99B-4DFA-9AFD-810A1C26F941}" = dir=in | app=c:\program files (x86)\iminent\iminent.messengers.exe |
"{FA024B24-3368-46EC-B555-3D9ED74AB19A}" = protocol=17 | dir=in | app=c:\program files (x86)\shareaza applications\shareaza\shareaza.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{70AD2848-D236-459A-BF18-BF8E063D7BB2}" = AVG 2012
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{96178C0A-BAF9-4E49-A2A5-CDE76722105B}" = HP Deskjet D1600 Printer Driver 14.0 Rel. 6
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{BF46C84D-1AC3-4CC3-A45C-EF6257B80984}" = AVG 2012
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AVG" = AVG 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{09531CAE-B186-49A9-B44F-C607CC54FA2A}" = PDF Architect
"{0B540DA4-41AE-4B79-BEAB-0F07E09669AB}" = Driver Whiz
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26B5A6D1-1F75-3B59-5825-E4D4CAE3445D}" = SaveByclick
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{4956225B-6763-4944-9B70-E31403D1DFC9}" = Shareaza
"{4BD8E034-E0F4-4509-A753-467A8E854CD8}" = Iminent
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C9B2F671-870B-43A0-8B9D-7DB30CEBD87E}" = DJ_SF_06_D1600_SW_Min
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AVG Secure Search" = AVG Security Toolbar
"ElsterFormular" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"I Want This" = I Want This
"IMBoosterARP" = Iminent
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 18.0 (x86 de)" = Mozilla Firefox 18.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Müller Foto" = Müller Foto
"Norton PC Checkup_is1" = Norton PC Checkup
"NortonPCCheckup" = Norton PC Checkup
"PhotoScape" = PhotoScape
"Shareaza" = Shareaza
"Switch" = Switch Audiodatei-Konverter
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"Updater Service" = Updater Service
"WavePad" = WavePad Audiobearbeitungs-Software
"Wincore MediaBar" = Wincore MediaBar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Uncompressor" = Uncompressor
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19.01.2013 14:40:46 | Computer Name = mrfamily-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 19.01.2013 14:40:47 | Computer Name = mrfamily-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 19.01.2013 14:40:49 | Computer Name = mrfamily-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 19.01.2013 14:40:50 | Computer Name = mrfamily-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 19.01.2013 14:40:51 | Computer Name = mrfamily-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 19.01.2013 14:42:22 | Computer Name = mrfamily-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 19.01.2013 14:42:23 | Computer Name = mrfamily-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 19.01.2013 14:42:24 | Computer Name = mrfamily-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 19.01.2013 14:42:25 | Computer Name = mrfamily-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 19.01.2013 14:42:27 | Computer Name = mrfamily-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
[ System Events ]
Error - 19.01.2013 13:52:13 | Computer Name = mrfamily-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Server-SMB-Treiber 2.xxx" ist vom Dienst "srvnet" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%22
Error - 19.01.2013 13:52:13 | Computer Name = mrfamily-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Arbeitsstationsdienst" ist vom Dienst "SMB 2.0-Miniredirector"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 19.01.2013 13:52:13 | Computer Name = mrfamily-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Server-SMB-Treiber 1.xxx" ist vom Dienst "Server-SMB-Treiber
2.xxx" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 19.01.2013 13:52:13 | Computer Name = mrfamily-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 19.01.2013 13:52:13 | Computer Name = mrfamily-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Server" ist vom Dienst "Server-SMB-Treiber 1.xxx" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 19.01.2013 13:52:13 | Computer Name = mrfamily-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Dienst "Bonjour"" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-1.
Error - 19.01.2013 13:53:03 | Computer Name = mrfamily-PC | Source = Microsoft-Windows-Kernel-Power | ID = 86
Description = Das System wurde aufgrund eines kritischen thermischen Ereignisses
heruntergefahren. Zeit für das Herunterfahren = 2013-01-19T17:53:03.622457500Z
ACPI-Thermozone = ACPI\ThermalZone\TZS0 _CRT = 373K
Error - 19.01.2013 13:53:03 | Computer Name = mrfamily-PC | Source = Microsoft-Windows-Kernel-Power | ID = 86
Description = Das System wurde aufgrund eines kritischen thermischen Ereignisses
heruntergefahren. Zeit für das Herunterfahren = 2013-01-19T17:53:03.653657600Z
ACPI-Thermozone = ACPI\ThermalZone\TZS0 _CRT = 373K
Error - 19.01.2013 14:05:40 | Computer Name = mrfamily-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 19.01.2013 14:05:40 | Computer Name = mrfamily-PC | Source = atikmdag | ID = 43029
Description = Display is not active
< End of report >
--- --- --- |
