Zoek.exe Version 4.0.0.2 Updated 23-04-2013
Tool run by Maddi on 01.05.2013 at 21:50:15,03.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== System Restore Info ======================
01.05.2013 21:52:35 Zoek.exe System Restore Point Created Succesfully.
==== Older Logs ======================
C:\zoek-results01.05.2013-2142.log 209 bytes
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-529716373-367860-252342032-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Video downloader Updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Video downloader Updater deleted successfully
==== FireFox Fix ======================
ProfilePath: C:\Users\Maddi\AppData\Roaming\Mozilla\Firefox\Profiles\lk38wdx8.default
---- Lines delta removed from prefs.js ----
user_pref("avg.install.userHPSettings", "hxxp://mixidj.delta-search.com/?affID=121139&babsrc=HP_ss&mntrId=DA36D0DF9A1D2502");
user_pref("browser.startup.homepage", "hxxp://mixidj.delta-search.com/?affID=121139&babsrc=HP_ss&mntrId=DA36D0DF9A1D2502");
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "da36f0fb000000000000d0df9a1d2502");
user_pref("extensions.delta.instlDay", "15805");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.16.16");
user_pref("extensions.delta.vrsnTs", "1.8.16.1614:47:46");
user_pref("extensions.delta.vrsni", "1.8.16.16");
---- Lines delta modified from prefs.js ----
---- Lines delta removed from user.js ----
---- Lines mixidj removed from prefs.js ----
user_pref("extensions.mixidj.admin", false);
user_pref("extensions.mixidj.aflt", "babsst");
user_pref("extensions.mixidj.appId", "{A2773ED4-83BD-488A-A186-73590706C916}");
user_pref("extensions.mixidj.autoRvrt", "false");
user_pref("extensions.mixidj.bbDpng", "13");
user_pref("extensions.mixidj.cntry", "DE");
user_pref("extensions.mixidj.dfltLng", "en");
user_pref("extensions.mixidj.excTlbr", false);
user_pref("extensions.mixidj.hdrMd5", "F1B1EF99192893C22F4C241A3D098906");
user_pref("extensions.mixidj.id", "da36f0fb000000000000d0df9a1d2502");
user_pref("extensions.mixidj.instlDay", "15808");
user_pref("extensions.mixidj.instlRef", "sst");
user_pref("extensions.mixidj.prdct", "mixidj");
user_pref("extensions.mixidj.prtnrId", "mixidj");
user_pref("extensions.mixidj.rvrt", "false");
user_pref("extensions.mixidj.sg", "none");
user_pref("extensions.mixidj.tlbrId", "base");
user_pref("extensions.mixidj.tlbrSrchUrl", "");
user_pref("extensions.mixidj.vrsn", "1.8.4.1");
user_pref("extensions.mixidj.vrsni", "1.8.4.1");
user_pref("extensions.mixidj_i.excTlbr", false);
user_pref("extensions.mixidj_i.newTab", false);
user_pref("extensions.mixidj_i.smplGrp", "none");
user_pref("extensions.mixidj_i.vrsnTs", "1.8.4.122:56:11");
---- Lines mixidj modified from prefs.js ----
---- Lines mixidj removed from user.js ----
---- Lines search.com removed from prefs.js ----
user_pref("keyword.URL", "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=");
---- Lines search.com modified from prefs.js ----
---- Lines search.com removed from user.js ----
---- FireFox user.js and prefs.js backups ----
user__2155_.backup
prefs__2155_.backup
==== Deleting Files \ Folders ======================
"C:\Users\Maddi\AppData\Roaming\Mozilla\Firefox\Profiles\lk38wdx8.default\searchplugins\delta.xml" deleted
"C:\Users\Maddi\AppData\Roaming\Mozilla\Firefox\Profiles\lk38wdx8.default\searchplugins\mixidj.xml" deleted
"C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted
"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search the web.src" deleted
"C:\windows\tasks\AmiUpdXp.job" deleted
"C:\Users\Maddi\AppData\Roaming\Mozilla\Firefox\Profiles\lk38wdx8.default\bprotector_extensions.rdf" deleted
"C:\Users\Maddi\AppData\Roaming\Buhou\paopv.avi" deleted
"C:\Users\Maddi\AppData\Roaming\Riyhow\noarc.irc" deleted
"C:\Users\Maddi\AppData\Roaming\Buhou" deleted
"C:\Users\Maddi\AppData\Roaming\Riyhow" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted
"C:\Program Files (x86)\Optimizer Pro" deleted
"C:\Users\Maddi\AppData\Roaming\Babylon" deleted
"C:\ProgramData\Partner" deleted
"C:\ProgramData\Tarma Installer" deleted
"C:\ProgramData\Babylon" deleted
"C:\Users\Maddi\AppData\Local\SwvUpdater" deleted
"C:\Users\Maddi\AppData\LocalLow\boost_interprocess" deleted
==== Files Recently Created / Modified ======================
====== C:\windows ====
====== C:\Users\Maddi\AppData\Local\Temp ====
2013-04-29 19:27:40 28A57355D9583B66E51AD978384C159E 10240 ----a-w- C:\Users\Maddi\AppData\Local\Temp\libnspr4.dll
2013-04-23 19:15:11 73106E9299AD3BBBE4F0D528ACEE1EE9 11443832 ----a-w- C:\Users\Maddi\AppData\Local\Temp\BitBB25.tmp.exe
====== C:\windows\SysWOW64 =====
2013-04-30 10:37:26 8255AD29A44B2E14B2DD99319F92A0AB 95648 ----a-w- C:\windows\SysWOW64\WindowsAccessBridge-32.dll
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
====== C:\windows\Tasks ======
====== C:\windows\Temp ======
======= C:\Program Files =====
2013-04-10 13:03:16 -------- d-----w- C:\Program Files\DomaIQ Uninstaller
2013-04-10 12:56:22 -------- d-----w- C:\Program Files\DivX
2013-04-10 12:47:56 -------- d-----w- C:\Program Files\Video downloader
======= C:\Program Files (x86) =====
2013-04-23 19:19:05 -------- d-----w- C:\Program Files (x86)\Opera
2013-04-10 17:27:04 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-10 13:02:54 -------- d-----w- C:\Program Files (x86)\Tuguu SL
2013-04-10 12:56:14 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2013-04-10 12:54:26 -------- d-----w- C:\Program Files (x86)\Uniblue
2013-04-10 12:53:56 -------- d-----w- C:\Program Files (x86)\DivX
2013-04-10 12:04:58 -------- d-----w- C:\Program Files (x86)\QuickTime
======= C: =====
====== C:\Users\Maddi\AppData\Roaming ======
2013-04-29 19:27:41 -------- d-----w- C:\users\Maddi\AppData\Roaming\Evud
2013-04-23 19:19:13 -------- d-----w- C:\users\Maddi\AppData\Roaming\Opera
2013-04-23 19:19:13 -------- d-----w- C:\users\Maddi\AppData\Local\Opera
2013-04-10 13:02:54 -------- d-----w- C:\users\Maddi\AppData\Roaming\player
2013-04-10 12:59:55 -------- d-----w- C:\users\Maddi\AppData\Local\DDMSettings
2013-04-10 12:54:26 -------- d-----w- C:\users\Maddi\AppData\Roaming\Uniblue
2013-04-10 12:47:50 -------- d-----w- C:\users\Maddi\AppData\Local\Programs
====== C:\Users\Maddi ======
2013-04-23 19:17:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet
2013-04-10 17:27:04 -------- d-----w- C:\ProgramData\Mozilla
2013-04-10 13:02:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAFPlayer
2013-04-10 12:56:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
2013-04-10 12:54:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2013-04-10 12:05:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2013-04-10 12:04:58 -------- d-----w- C:\ProgramData\Apple Computer
====== C: exe-files ==
2013-05-01 11:00:49 43E0660D8761DDB4D628B2B92CD6305C 458240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{1DA470A7-F5A4-2615-B67F-9583F95D4C16}-owec.exe
2013-04-30 05:24:55 43E0660D8761DDB4D628B2B92CD6305C 458240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{0209D8D7-C1CD-FCE4-C129-99312064C903}-owec.exe
2013-04-29 20:07:47 43E0660D8761DDB4D628B2B92CD6305C 458240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{E240A10E-C614-291A-EFCB-4C991CB10E95}-owec.exe
2013-04-29 20:03:09 19038B7578F60289B35D42280EC8DA50 577768 ----a-w- C:\Users\Maddi\Downloads\FlashPlayer_V.95797118b.exe
2013-04-29 19:27:45 A101E3EEFEF06F7D2ED722AEC8180042 458240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{6AC9BE8E-227A-DB49-F7FF-EACDA468C5C4}-moksduor.exe
2013-04-29 16:30:16 1DA75E6171E86AA42240D41E743D72B4 239104 ----a-w- C:\Users\Maddi\AppData\Local\Temp\DIQ\FlashPlayer_151\DomaIQ.exe
2013-04-29 16:30:14 2E600690B40F7C190835E24524A56F01 242176 ----a-w- C:\Users\Maddi\AppData\Local\Temp\DIQ\FlashPlayer_151\DomaIQ10.exe
=== C: other files ==
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-529716373-367860-252342032-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"MediaGet2"="C:\Users\Maddi\AppData\Local\MediaGet2\mediaget.exe --minimized"
"KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"Isoteqqae"="C:\Users\Maddi\AppData\Roaming\Evud\owec.exe"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"UpdateP2GShortCut"="C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Lenovo\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\5.0"
"YouCam Mirage"="C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"YouCam Tray"="C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe /s"
"VeriFaceManager"="C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
"UpdatePRCShortCut"="C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe C:\Program Files\Lenovo\OneKey App\OneKey Recovery UpdateWithCreateOnce Software\Lenovo\OneKey App\OneKey Recovery"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"MediaGet2"="C:\Users\Maddi\AppData\Local\MediaGet2\mediaget.exe --minimized"
"KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"Isoteqqae"="C:\Users\Maddi\AppData\Roaming\Evud\owec.exe"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdatePRCShortCut"="C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe C:\Program Files\Lenovo\OneKey App\OneKey Recovery UpdateWithCreateOnce Software\Lenovo\OneKey App\OneKey Recovery"
"Lenovo EE Boot Optimizer"="C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe"
"EnergyUtility"="C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"Energy Management"="C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
==== Startup Folders ======================
2013-03-13 16:02:46 2137 ----a-w- C:\users\Maddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
==== Task Scheduler Jobs ======================
C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [29.04.2013 19:01]
C:\windows\tasks\dsmonitor.job --a------ C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [16.01.2013 14:47]
C:\windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [17.07.2012 20:00]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Maddi\AppData\Roaming\Mozilla\Firefox\Profiles\lk38wdx8.default
- Video downloader - C:\Program Files\Video downloader\Firefox
- DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
- toolplugin - %ProfilePath%\extensions\welcome@toolmin.com
- Yahoo Toolbar - %ProfilePath%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
- Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
- BitComet - %ProfilePath%\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
- DivX Web Player - %ProfilePath%\extensions\DivXWebPlayer@divx.com.xpi
- ReloadEvery - %ProfilePath%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Maddi\AppData\Roaming\Mozilla\Firefox\Profiles\lk38wdx8.default
F7E72D3A281F922BACEC1A71A826D4C2 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll - Shockwave Flash
D4BD9F86123C87ECA570418B69326F99 - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.170.2
5F58ED8B97F209A50DBA2ABA9A791F95 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer
15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleting Files \ Folders ======================
"C:\Users\Maddi\AppData\Roaming\Mozilla\Firefox\Profiles\lk38wdx8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}" deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[02.04.2013 07:24]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.de/"
"Default_Page_URL"="hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://www.google.de/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maddi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Maddi\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maddi\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maddi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\users\Maddi\AppData\Local\Mozilla\Firefox\Profiles\lk38wdx8.default\Cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Maddi\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Maddi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
OTL Logfile:
OTL EXTRAS Logfile:
OTL logfile created on: 01.05.2013 22:05:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maddi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,96 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 39,58% Memory free
3,92 Gb Paging File | 2,51 Gb Available in Paging File | 64,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 254,14 Gb Total Space | 106,02 Gb Free Space | 41,72% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 4,74 Gb Free Space | 16,34% Space Free | Partition Type: NTFS
Computer Name: LENOVO | User Name: Maddi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.01 22:03:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maddi\Desktop\OTL.exe
PRC - [2013.04.29 19:01:49 | 000,812,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_169_ActiveX.exe
PRC - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013.01.16 14:47:30 | 000,026,456 | ---- | M] (Uniblue Systems Ltd) -- C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.01 18:05:54 | 001,386,136 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe
PRC - [2012.10.09 19:18:36 | 000,458,240 | ---- | M] (Piriform Ltd) -- C:\Users\Maddi\AppData\Roaming\Evud\owec.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.08.02 09:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011.06.24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011.06.24 15:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.06.12 06:36:47 | 000,329,056 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
PRC - [2010.12.24 13:19:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
PRC - [2010.09.13 20:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.13 20:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
========== Modules (No Company Name) ==========
MOD - [2013.05.01 22:01:20 | 000,055,816 | ---- | M] () -- C:\Users\Maddi\AppData\Local\Temp\b01d42a6-0948-4bd0-8dea-54d68f50a791\CliSecureRT.dll
MOD - [2013.04.10 15:51:21 | 001,159,168 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\6a6f4be744ed5bc5273cbcf0fcf303e3\System.Management.ni.dll
MOD - [2013.04.10 15:49:10 | 000,767,488 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dc1f0dbf1d3ba856eccec90b62b55d79\System.Runtime.Remoting.ni.dll
MOD - [2013.04.10 15:48:32 | 001,776,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
MOD - [2013.04.10 14:59:18 | 013,006,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2013.04.10 14:59:07 | 017,629,184 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7f91eecda3ff7ce478146b6458580c98\PresentationFramework.ni.dll
MOD - [2013.04.10 14:59:03 | 001,651,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2013.04.10 14:58:59 | 000,450,048 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3555f5f74c56fa92c0ab7a635af91bfa\PresentationFramework.Aero.ni.dll
MOD - [2013.04.10 14:58:43 | 011,057,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2013.04.10 14:58:38 | 007,025,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2013.04.10 14:58:25 | 003,779,072 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2013.04.10 14:58:19 | 009,000,960 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2013.04.10 14:58:11 | 014,415,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2013.03.14 17:43:20 | 000,164,184 | ---- | M] () -- C:\Programme\Video downloader\Extension32.dll
MOD - [2013.02.13 04:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2012.11.01 20:00:38 | 002,025,624 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wfvie13.dll
MOD - [2012.11.01 18:05:54 | 001,386,136 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe
MOD - [2012.11.01 15:47:14 | 008,748,696 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wgui13.dll
MOD - [2012.11.01 15:47:00 | 002,950,296 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wcore13.dll
MOD - [2012.11.01 15:46:50 | 000,308,376 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rscorewinapi48.dll
MOD - [2012.11.01 15:46:48 | 004,070,040 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wauff13.dll
MOD - [2012.11.01 15:46:36 | 001,710,232 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wreli13.dll
MOD - [2012.11.01 15:46:34 | 001,596,568 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wsteu13.dll
MOD - [2012.11.01 15:46:34 | 000,320,664 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsguiwinapi48.dll
MOD - [2012.11.01 15:46:20 | 000,135,832 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsodbc48.dll
MOD - [2012.11.01 15:46:16 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsdcom48.dll
MOD - [2012.10.22 11:11:31 | 000,475,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll
MOD - [2012.10.22 10:47:01 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.09.25 14:41:11 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll
MOD - [2012.09.25 11:28:41 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.09.25 11:28:12 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.09.25 11:28:04 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.09.25 11:27:43 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.09.25 11:27:39 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.09.25 11:27:38 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.09.25 11:27:32 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.10.04 21:26:16 | 000,630,272 | ---- | M] () -- C:\Users\Maddi\AppData\Roaming\toolplugin\toolbar.dll
MOD - [2011.06.24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011.06.12 06:36:46 | 000,013,664 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
MOD - [2011.06.11 21:54:04 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
========== Services (SafeList) ==========
SRV - [2013.04.29 19:01:50 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.27 04:16:39 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.04.27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 18:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.12.28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010.09.22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 16:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.13 20:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.09.26 10:32:16 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.09.25 12:52:03 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011.09.25 12:52:03 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.06.12 06:46:18 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2011.06.12 06:46:18 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2011.05.13 04:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.05.13 04:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.05.13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011.05.13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.05.13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.04.27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.02.03 13:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.12.24 13:19:56 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010.12.02 20:42:14 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2010.11.30 08:40:04 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010.11.24 13:33:26 | 002,673,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.12 09:27:36 | 001,560,704 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010.09.27 09:24:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.09.13 20:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.09.06 09:19:54 | 000,020,552 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:64bit: - [2010.09.06 09:11:32 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.04.20 22:14:16 | 000,200,704 | ---- | M] (SMI) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SMIksdrv.sys -- (usbsmi)
DRV:64bit: - [2010.01.15 20:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2009.07.21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010.09.06 09:11:32 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-529716373-367860-252342032-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-529716373-367860-252342032-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-529716373-367860-252342032-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKU\S-1-5-21-529716373-367860-252342032-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-529716373-367860-252342032-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: welcome%40toolmin.com:1.03
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:1.0.5
FF - prefs.js..extensions.enabledAddons: %7B77BEC163-D389-42c1-91A4-C758846296A5%7D:2.0.0.430
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172
FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:17.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.8.20110620112826
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.5
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:7.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{77BEC163-D389-42c1-91A4-C758846296A5}: C:\PROGRAM FILES\VIDEO DOWNLOADER\FIREFOX [2013.04.10 14:47:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{77BEC163-D389-42c1-91A4-C758846296A5}: C:\Program Files\Video downloader\Firefox [2013.04.10 14:47:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.04.10 14:57:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.10 19:26:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.10 19:26:48 | 000,000,000 | ---D | M]
[2011.09.26 09:53:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maddi\AppData\Roaming\mozilla\Extensions
[2013.05.01 21:58:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maddi\AppData\Roaming\mozilla\Firefox\Profiles\lk38wdx8.default\extensions
[2011.10.02 09:04:02 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Maddi\AppData\Roaming\mozilla\Firefox\Profiles\lk38wdx8.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2013.04.23 21:17:31 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Maddi\AppData\Roaming\mozilla\Firefox\Profiles\lk38wdx8.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2012.02.24 23:11:26 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\Maddi\AppData\Roaming\mozilla\Firefox\Profiles\lk38wdx8.default\extensions\welcome@toolmin.com
[2013.04.10 19:27:13 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Maddi\AppData\Roaming\mozilla\firefox\profiles\lk38wdx8.default\extensions\DivXWebPlayer@divx.com.xpi
[2013.04.10 19:28:58 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Maddi\AppData\Roaming\mozilla\firefox\profiles\lk38wdx8.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2013.04.10 19:26:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.10 14:57:58 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013.04.10 14:47:58 | 000,000,000 | ---D | M] (Video downloader) -- C:\PROGRAM FILES\VIDEO DOWNLOADER\FIREFOX
[2013.03.27 04:17:36 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.09.09 06:49:04 | 001,037,112 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2013.03.27 05:32:09 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.27 05:32:09 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.27 05:32:09 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.27 05:32:09 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.27 05:32:09 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.27 05:32:09 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Video downloader) - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Programme\Video downloader\Extension64.dll ()
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Video downloader) - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Programme\Video downloader\Extension32.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\Maddi\AppData\Roaming\toolplugin\toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-529716373-367860-252342032-1000\..\Toolbar\WebBrowser: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\Maddi\AppData\Roaming\toolplugin\toolbar.dll ()
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-529716373-367860-252342032-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-529716373-367860-252342032-1000..\Run: [Isoteqqae] C:\Users\Maddi\AppData\Roaming\Evud\owec.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-529716373-367860-252342032-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-529716373-367860-252342032-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-529716373-367860-252342032-1000..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-529716373-367860-252342032-1000..\Run: [MediaGet2] C:\Users\Maddi\AppData\Local\MediaGet2\mediaget.exe --minimized File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Maddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk = C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Maddi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Maddi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivX Plus Web Player Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6AEF4EDB-31A2-43F6-BCFA-35CC69C80E3F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91D2D276-5A73-4F7F-B89D-086AEE5F5C97}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.01 22:03:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Maddi\Desktop\OTL.exe
[2013.05.01 22:00:43 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.01 21:59:07 | 000,000,000 | ---D | C] -- C:\windows\Temp
[2013.05.01 21:59:07 | 000,000,000 | ---D | C] -- C:\Users\Maddi\AppData\Local\Temp
[2013.04.30 12:38:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.30 12:37:26 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2013.04.30 12:37:26 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2013.04.30 12:37:26 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.29 21:27:41 | 000,000,000 | ---D | C] -- C:\Users\Maddi\AppData\Roaming\Evud
[2013.04.23 21:19:13 | 000,000,000 | ---D | C] -- C:\Users\Maddi\AppData\Roaming\Opera
[2013.04.23 21:19:13 | 000,000,000 | ---D | C] -- C:\Users\Maddi\AppData\Local\Opera
[2013.04.23 21:19:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2013.04.23 21:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet
[2013.04.13 23:06:03 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2013.04.13 23:04:11 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.13 23:04:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.13 23:04:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.13 23:04:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.13 23:04:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.13 23:04:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.13 23:04:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.13 23:04:10 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2013.04.13 23:04:10 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013.04.13 23:04:10 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.13 23:04:10 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.13 23:04:10 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.13 23:04:10 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.13 23:04:10 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.13 23:04:10 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.13 23:04:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.13 23:04:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.13 23:04:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.13 23:04:10 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.13 23:04:10 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.13 23:04:09 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2013.04.13 23:04:09 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2013.04.13 23:04:09 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2013.04.13 23:04:09 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2013.04.13 23:04:09 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2013.04.13 23:04:09 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013.04.13 23:04:09 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013.04.13 23:04:09 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013.04.13 23:04:09 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013.04.13 23:04:09 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2013.04.13 23:04:08 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013.04.13 23:04:08 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013.04.13 23:04:08 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013.04.13 23:04:08 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2013.04.13 23:04:08 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2013.04.13 23:04:08 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2013.04.13 23:04:08 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2013.04.13 23:04:08 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2013.04.13 23:04:08 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2013.04.13 23:04:08 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2013.04.13 23:04:08 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2013.04.10 19:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.04.10 19:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.04.10 15:03:16 | 000,000,000 | ---D | C] -- C:\Program Files\DomaIQ Uninstaller
[2013.04.10 15:02:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAFPlayer
[2013.04.10 15:02:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tuguu SL
[2013.04.10 15:02:54 | 000,000,000 | ---D | C] -- C:\Users\Maddi\AppData\Roaming\player
[2013.04.10 15:02:19 | 000,000,000 | R--D | C] -- C:\Users\Maddi\Desktop\Lenovo
[2013.04.10 15:01:22 | 000,000,000 | ---D | C] -- C:\Users\Maddi\Desktop\divx
[2013.04.10 14:59:55 | 000,000,000 | ---D | C] -- C:\Users\Maddi\AppData\Local\DDMSettings
[2013.04.10 14:56:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2013.04.10 14:56:22 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.04.10 14:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2013.04.10 14:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2013.04.10 14:54:26 | 000,000,000 | ---D | C] -- C:\Users\Maddi\AppData\Roaming\Uniblue
[2013.04.10 14:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2013.04.10 14:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013.04.10 14:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\Video downloader
[2013.04.10 14:47:50 | 000,000,000 | ---D | C] -- C:\Users\Maddi\AppData\Local\Programs
[2013.04.10 14:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.04.10 14:04:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013.04.10 14:04:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.04.08 22:00:46 | 000,000,000 | ---D | C] -- C:\Users\Maddi\Desktop\Telekom
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.05.01 22:07:33 | 000,021,072 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.01 22:07:33 | 000,021,072 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.01 22:04:37 | 001,619,200 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.05.01 22:04:37 | 000,698,914 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.05.01 22:04:37 | 000,654,192 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.05.01 22:04:37 | 000,148,820 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.05.01 22:04:37 | 000,121,766 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.05.01 22:03:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maddi\Desktop\OTL.exe
[2013.05.01 22:00:43 | 000,140,237 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2013.05.01 22:00:23 | 000,000,340 | ---- | M] () -- C:\windows\tasks\dsmonitor.job
[2013.05.01 22:00:21 | 000,000,374 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts.ics
[2013.05.01 22:00:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.05.01 22:00:00 | 1579,622,400 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.01 21:50:13 | 000,024,064 | ---- | M] () -- C:\windows\zoek-delete.exe
[2013.05.01 21:49:37 | 001,273,277 | ---- | M] () -- C:\Users\Maddi\Desktop\zoek.exe
[2013.05.01 21:41:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.05.01 21:40:00 | 000,000,338 | ---- | M] () -- C:\windows\tasks\HP Photo Creations Communicator.job
[2013.04.29 19:01:49 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.04.29 19:01:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.23 21:17:07 | 000,000,999 | ---- | M] () -- C:\Users\Public\Desktop\BitComet.lnk
[2013.04.13 23:07:59 | 000,000,866 | ---- | M] () -- C:\windows\SysWow64\InstallUtil.InstallLog
[2013.04.13 23:06:03 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2013.04.13 23:04:11 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.13 23:04:11 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.13 23:04:11 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.13 23:04:11 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.13 23:04:11 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.13 23:04:11 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.13 23:04:11 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.13 23:04:11 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.13 23:04:10 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2013.04.13 23:04:10 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2013.04.13 23:04:10 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013.04.13 23:04:10 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.13 23:04:10 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.13 23:04:10 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.13 23:04:10 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.13 23:04:10 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.13 23:04:10 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.13 23:04:10 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.13 23:04:10 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.13 23:04:10 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.13 23:04:10 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.13 23:04:09 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2013.04.13 23:04:09 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2013.04.13 23:04:09 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2013.04.13 23:04:09 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2013.04.13 23:04:09 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013.04.13 23:04:09 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013.04.13 23:04:09 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013.04.13 23:04:09 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013.04.13 23:04:09 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2013.04.13 23:04:08 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013.04.13 23:04:08 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013.04.13 23:04:08 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013.04.13 23:04:08 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2013.04.13 23:04:08 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2013.04.13 23:04:08 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2013.04.13 23:04:08 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2013.04.13 23:04:08 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2013.04.13 23:04:08 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2013.04.13 23:04:08 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2013.04.13 23:04:08 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2013.04.11 12:40:39 | 000,297,744 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.04.10 19:27:05 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.10 15:02:56 | 000,002,599 | ---- | M] () -- C:\Users\Public\Desktop\VAFPlayer.lnk
[2013.04.10 15:02:11 | 001,597,222 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013.04.10 14:05:17 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013.04.04 05:35:05 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.04 05:30:10 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2013.04.04 05:29:44 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.01 21:59:07 | 000,024,064 | ---- | C] () -- C:\windows\zoek-delete.exe
[2013.05.01 21:49:37 | 001,273,277 | ---- | C] () -- C:\Users\Maddi\Desktop\zoek.exe
[2013.04.13 22:57:03 | 000,000,866 | ---- | C] () -- C:\windows\SysWow64\InstallUtil.InstallLog
[2013.04.10 19:27:05 | 000,001,139 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.10 15:02:56 | 000,002,599 | ---- | C] () -- C:\Users\Public\Desktop\VAFPlayer.lnk
[2013.04.10 14:54:37 | 000,000,340 | ---- | C] () -- C:\windows\tasks\dsmonitor.job
[2013.04.10 14:05:17 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013.03.13 18:03:00 | 000,000,080 | ---- | C] () -- C:\windows\wiso.ini
[2012.09.24 18:44:48 | 000,022,528 | ---- | C] () -- C:\Users\Maddi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.06 14:12:15 | 000,148,373 | ---- | C] () -- C:\windows\hphins33.dat
[2011.11.06 14:12:15 | 000,000,512 | ---- | C] () -- C:\windows\hphmdl33.dat
[2011.09.26 22:47:24 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat
[2011.09.26 17:06:19 | 000,007,603 | ---- | C] () -- C:\Users\Maddi\AppData\Local\resmon.resmoncfg
[2011.09.26 14:53:05 | 000,327,680 | ---- | C] () -- C:\Program Files\gw32.exe
[2011.09.26 14:53:05 | 000,116,950 | ---- | C] () -- C:\Program Files\gw32.chm
[2011.09.26 14:53:05 | 000,073,728 | ---- | C] () -- C:\windows\SysWow64\GkSui18.EXE
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\vietnamese.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\turkish.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\swedish.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\spanish.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\slovak.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\serbian.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\romanian.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\portuguese.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\polish.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\norwegian.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\italian.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\hungarian.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\german.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\french.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\finnish.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\dutch.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\danish.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\czech.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\croatian.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\catalan.lng
[2011.09.26 14:53:05 | 000,053,248 | ---- | C] () -- C:\Program Files\bulgarian.lng
[2011.09.26 14:53:05 | 000,049,152 | ---- | C] () -- C:\Program Files\latvian.lng
[2011.09.26 14:53:05 | 000,032,768 | ---- | C] () -- C:\Program Files\gw32.dll
[2011.09.26 14:53:05 | 000,018,276 | ---- | C] () -- C:\Program Files\Uninstall7550.DAT
[2011.09.26 14:53:05 | 000,013,826 | ---- | C] () -- C:\Program Files\UILANG2.UDB
[2011.09.26 14:53:05 | 000,013,826 | ---- | C] () -- C:\Program Files\UILANG1.UDB
[2011.09.26 11:46:34 | 000,000,534 | ---- | C] () -- C:\windows\eReg.dat
[2011.09.26 10:47:20 | 001,597,222 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.06.12 06:54:03 | 000,000,512 | ---- | C] () -- C:\windows\previous.bin
[2011.06.12 06:54:03 | 000,000,512 | ---- | C] () -- C:\windows\current.bin
[2011.06.12 06:36:53 | 002,086,240 | ---- | C] () -- C:\windows\SysWow64\LenovoVeriface.Interface.dll
[2011.06.12 06:36:53 | 001,500,512 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2011.06.12 06:36:53 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2011.06.12 06:36:53 | 000,472,416 | ---- | C] () -- C:\windows\SysWow64\Lenovo.VerifaceStub.dll
[2011.06.12 06:36:43 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2011.06.12 06:23:03 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll
[2011.06.12 06:14:00 | 000,982,240 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2011.06.12 06:13:59 | 000,092,356 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2011.06.12 06:13:58 | 000,439,308 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2011.06.07 11:13:38 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2011.06.07 11:13:38 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2011.06.07 11:13:38 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2011.06.07 11:13:38 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2011.06.07 11:13:38 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:373E1720
< End of report >
OTL EXTRAS Logfile:
OTL Extras logfile created on: 01.05.2013 22:05:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maddi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,96 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 39,58% Memory free
3,92 Gb Paging File | 2,51 Gb Available in Paging File | 64,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 254,14 Gb Total Space | 106,02 Gb Free Space | 41,72% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 4,74 Gb Free Space | 16,34% Space Free | Partition Type: NTFS
Computer Name: LENOVO | User Name: Maddi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-529716373-367860-252342032-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\windows\system32\rundll32.exe" "C:\windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04104D8E-3677-4FC7-873F-7087A9706FB2}" = lport=138 | protocol=17 | dir=in | app=system |
"{06EA4AE2-08C3-4D13-8C57-F56F35EA610E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0A61653A-56C5-4AD0-B471-59E3CB4DCB17}" = lport=137 | protocol=17 | dir=in | app=system |
"{0B98AE9F-4A9D-4108-A9D4-38AF9F9A8DD0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{12DE1EC3-D7E4-462F-A5C8-FEDBBCD90B56}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1F07E3ED-7DFB-4FC2-8384-D962B370303F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{29855411-7D69-4C50-A1DF-8025443B478F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2CA2E767-7E23-4B51-8A73-5B8EDBFB6524}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3015C3F2-5841-4611-8941-B26B427C63D4}" = rport=2869 | protocol=6 | dir=out | app=system |
"{36A2EE50-0045-44B9-B148-C7CEA3527756}" = rport=137 | protocol=17 | dir=out | app=system |
"{37B6CF6E-9E60-47F9-821C-58533EA7A51E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38EF234A-BFEF-4D4E-8AD6-44A9E3DF26A6}" = lport=139 | protocol=6 | dir=in | app=system |
"{38F3575F-1232-4342-BB1E-FA7423B5600A}" = lport=13462 | protocol=17 | dir=in | name=bitcomet 13462 udp |
"{4025767B-6A32-4BBD-8A43-3C335CB8F7B7}" = lport=445 | protocol=6 | dir=in | app=system |
"{41E848D6-5141-4CAF-92AB-D920AC636BDD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{47A87F4A-F9E7-4BAB-A356-0EF0E4504F13}" = rport=10243 | protocol=6 | dir=out | app=system |
"{480BE578-A6C9-4905-8C11-369B47AA7DCF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4C60B73B-1704-4491-A284-3808B821B08C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5574F563-333A-4F32-9A82-D383A165BF6C}" = rport=445 | protocol=6 | dir=out | app=system |
"{5880927F-3905-4773-84E8-9613822C64F2}" = rport=138 | protocol=17 | dir=out | app=system |
"{5CDBA069-A1FE-44AE-B036-F4A36AF94489}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{695EE8BE-5664-4E13-894D-D7F2A0B1A432}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7EBD09B5-BEDC-412D-A208-DEA199A7BCA1}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{852D4690-8183-4598-899B-64D36639884A}" = rport=139 | protocol=6 | dir=out | app=system |
"{9980124F-842F-4442-BAF0-969603EFE0E0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9FE14324-844E-45BB-9F33-B341E3E1A42B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A4331982-277F-4312-9A6F-CEA7C6EE0B3D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A453A7BC-79D9-46EB-9535-A76FFE23E805}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6442EE3-D01D-4DE5-A820-9D75DD0D83E4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B88A46DD-28C1-478C-AC1C-02D89417060C}" = lport=13462 | protocol=6 | dir=in | name=bitcomet 13462 tcp |
"{C23AB2EE-9A70-4E93-91F5-6B35462FD11C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C5FE754A-D789-417E-A134-E7E6A3E8D242}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DE00DED1-A2C8-4533-9C1F-CEB13733D72B}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DE25B273-5A2F-4EA3-B374-6B1F55F5F715}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E8B06F4B-DCBC-46E1-948D-2E1EDC841FF8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{014D3AE1-A90E-4304-889E-847625DCACBB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{02534E81-F1A4-4AA6-B958-E24E2A369A55}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{029219D5-61E4-4187-BEAA-7CDD103C3AC0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0BFA6159-CD93-40D1-8497-A7B98C1AED45}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{101CBEB3-85AF-49F8-9A73-5B10B8A24FED}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{121FCA2F-26C8-49F1-8CF2-CC61C174EE1A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{1F33610B-AFC2-4AB6-9D6C-BCC156CAF09B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{26C7C213-DF4B-4400-A537-25F1B665EFF2}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2818AD0A-1D09-4E5C-8FC9-B061A77066C3}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{318DEA7F-5941-46DE-B616-D743AC1EDACC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3339B29F-2EEF-4AA4-816A-9052FA886281}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{372C44E4-F439-48E1-9B9E-1D3FE41633EA}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{3849A0CF-E39C-4ACF-9A3B-6E655F6F679E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3CC33734-2356-4F4C-A05F-79717C5A5AC1}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{40EC9839-7740-4475-AD0C-E2D12B17AAD9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\driver san francisco\driver.exe |
"{46C65739-51C2-4188-BC16-535FD38B60B3}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4C219851-8029-44D2-B8C7-55C09FD9574C}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{4D34CA32-35CC-4697-A848-63FD1C97E700}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53A27D19-DC5B-4BDF-813B-7FBB024996ED}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{61DCE85E-130D-4718-8220-F25EE6585DCF}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{6357F892-079C-4C10-9419-E8418BF56CF7}" = protocol=6 | dir=out | app=system |
"{69934B2F-BAAB-4E05-8133-40EAA9E66E0A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6CF181EA-6356-4662-82A6-3C9129E3ABA9}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{785788B4-C0E7-447A-8888-1AC4847DA17C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7881004D-5635-4417-87E4-29CDA118C760}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{7FFE2B38-12C8-45D2-8BB3-48A42064956E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{893FFDA2-E6CA-4A9A-B1DF-6AD1F6E01FC2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8CFB9882-0D3E-49C1-A57E-8A01A68D1EE5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9C5C0F87-A3F9-46E3-8521-723B217D574C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9CB796AA-B2A9-4D05-8411-69E158B94D43}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{AADAA4A6-9502-43CA-81F2-2F02DAB4538D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BAAF5838-2546-4DC8-84E2-6E720E6049FD}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\driver san francisco\driver.exe |
"{C77ADB3A-2407-4427-A82B-0C5D549E6265}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CD2C7F05-2F95-4274-AA64-1B0DC797A7A2}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{D32B10B0-7497-4196-AFD9-5148B2F86E24}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ED423F04-9930-458F-93F0-831108DC8EF6}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{EECB2756-6894-4D84-A43A-477AD217E351}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{F66F267F-CF8B-443C-83EE-303E703541CF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F983F2B7-AB36-4A10-B89E-A3FEF44793E0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FE399AD2-2EAF-43AB-902C-46DA1ABD2787}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{02AECF94-4058-4B36-A0F3-3ECD34CD1601}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"TCP Query User{6C517FAB-4E32-4474-85B8-5102DD80A597}C:\users\maddi\appdata\roaming\evud\owec.exe" = protocol=6 | dir=in | app=c:\users\maddi\appdata\roaming\evud\owec.exe |
"TCP Query User{938D0254-6865-430B-AD6F-D2DE996F7CC9}C:\program files (x86)\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"UDP Query User{5E059BF4-F5EE-4185-AFF4-008D6A211CF5}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"UDP Query User{7C7D7366-8939-4EC3-AB22-F32AB7802E56}C:\program files (x86)\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"UDP Query User{B9251B79-322D-4D37-AC33-E7AAEE09A411}C:\users\maddi\appdata\roaming\evud\owec.exe" = protocol=17 | dir=in | app=c:\users\maddi\appdata\roaming\evud\owec.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{77BEC163-D389-42c1-91A4-C758846296A5}_is1" = Video downloader 2.0.0.430
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96178C0A-BAF9-4E49-A2A5-CDE76722105B}" = HP Deskjet D1600 Printer Driver 14.0 Rel. 6
"{A7096369-9332-466C-8357-08770CDCE277}" = HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CNXT_AUDIO_HDA" = Conexant HD Audio
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
"Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Hilfe
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = DriverScanner
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C9B2F671-870B-43A0-8B9D-7DB30CEBD87E}" = DJ_SF_06_D1600_SW_Min
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}" = Atheros Client Installation Program
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}" = VAFPlayer
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = Benutzerhandbuch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}" = Lenovo EasyCamera
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BitComet" = BitComet 1.29
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"DomaIQ Uninstaller" = DomaIQ
"Driver San Francisco" = Driver San Francisco
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.33.1005
"GameWiz32" = GameWiz32
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Mozilla Firefox 20.0 (x86 de)" = Mozilla Firefox 20.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"SpeedCommander 14" = SpeedCommander 14
"toolplugin" = toolplugin
"VeriFace" = VeriFace
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-529716373-367860-252342032-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}" = WISO Steuer-Sparbuch 2013
"MyFreeCodec" = MyFreeCodec
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.04.2013 13:46:35 | Computer Name = lenovo | Source = WinMgmt | ID = 10
Description =
Error - 12.04.2013 06:35:55 | Computer Name = lenovo | Source = WinMgmt | ID = 10
Description =
Error - 12.04.2013 14:20:06 | Computer Name = lenovo | Source = WinMgmt | ID = 10
Description =
Error - 13.04.2013 13:27:31 | Computer Name = lenovo | Source = WinMgmt | ID = 10
Description =
Error - 13.04.2013 16:06:42 | Computer Name = lenovo | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files\microsoft security client\MSESysprep.dll" in Zeile 10. Das imaging-Element
wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error - 14.04.2013 05:05:41 | Computer Name = lenovo | Source = WinMgmt | ID = 10
Description =
Error - 14.04.2013 05:38:43 | Computer Name = lenovo | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files\microsoft security client\MSESysprep.dll" in Zeile 10. Das imaging-Element
wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error - 14.04.2013 14:43:20 | Computer Name = lenovo | Source = WinMgmt | ID = 10
Description =
Error - 15.04.2013 03:37:32 | Computer Name = lenovo | Source = WinMgmt | ID = 10
Description =
Error - 15.04.2013 04:11:24 | Computer Name = lenovo | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files\microsoft security client\MSESysprep.dll" in Zeile 10. Das imaging-Element
wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error - 15.04.2013 05:29:49 | Computer Name = lenovo | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 05.08.2012 10:06:03 | Computer Name = lenovo | Source = MCUpdate | ID = 0
Description = 16:06:03 - Fehler beim Herstellen der Internetverbindung. 16:06:03
- Serververbindung konnte nicht hergestellt werden..
Error - 05.08.2012 10:06:13 | Computer Name = lenovo | Source = MCUpdate | ID = 0
Description = 16:06:08 - Fehler beim Herstellen der Internetverbindung. 16:06:08
- Serververbindung konnte nicht hergestellt werden..
Error - 05.08.2012 11:06:54 | Computer Name = lenovo | Source = MCUpdate | ID = 0
Description = 17:06:53 - Fehler beim Herstellen der Internetverbindung. 17:06:54
- Serververbindung konnte nicht hergestellt werden..
Error - 05.08.2012 11:08:31 | Computer Name = lenovo | Source = MCUpdate | ID = 0
Description = 17:07:00 - Fehler beim Herstellen der Internetverbindung. 17:07:00
- Serververbindung konnte nicht hergestellt werden..
Error - 05.08.2012 12:08:41 | Computer Name = lenovo | Source = MCUpdate | ID = 0
Description = 18:08:40 - Fehler beim Herstellen der Internetverbindung. 18:08:41
- Serververbindung konnte nicht hergestellt werden..
Error - 05.08.2012 12:08:50 | Computer Name = lenovo | Source = MCUpdate | ID = 0
Description = 18:08:46 - Fehler beim Herstellen der Internetverbindung. 18:08:46
- Serververbindung konnte nicht hergestellt werden..
Error - 05.08.2012 13:08:55 | Computer Name = lenovo | Source = MCUpdate | ID = 0
Description = 19:08:55 - Fehler beim Herstellen der Internetverbindung. 19:08:55
- Serververbindung konnte nicht hergestellt werden..
Error - 05.08.2012 13:09:01 | Computer Name = lenovo | Source = MCUpdate | ID = 0
Description = 19:09:01 - Fehler beim Herstellen der Internetverbindung. 19:09:01
- Serververbindung konnte nicht hergestellt werden..
Error - 11.08.2012 15:41:44 | Computer Name = lenovo | Source = MCUpdate | ID = 0
Description = 21:41:43 - Fehler beim Herstellen der Internetverbindung. 21:41:43
- Serververbindung konnte nicht hergestellt werden..
Error - 11.08.2012 15:41:58 | Computer Name = lenovo | Source = MCUpdate | ID = 0
Description = 21:41:49 - Fehler beim Herstellen der Internetverbindung. 21:41:49
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 25.09.2012 05:21:38 | Computer Name = lenovo | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%835 Fehlercode:
0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: %%842
Error - 29.09.2012 12:09:25 | Computer Name = lenovo | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.137.388.0 Aktualisierungsquelle: %%859 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8800.0 Fehlercode:
0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 29.09.2012 12:51:57 | Computer Name = lenovo | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.137.388.0 Aktualisierungsquelle: %%859 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8800.0 Fehlercode:
0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 29.09.2012 14:16:40 | Computer Name = lenovo | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.137.388.0 Aktualisierungsquelle: %%859 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8800.0 Fehlercode:
0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 30.09.2012 04:32:51 | Computer Name = lenovo | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%835 Fehlercode:
0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: %%842
Error - 30.09.2012 04:42:31 | Computer Name = lenovo | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.137.388.0 Aktualisierungsquelle: %%859 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8800.0 Fehlercode:
0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 03.10.2012 10:06:43 | Computer Name = lenovo | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%835 Fehlercode:
0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: %%842
Error - 03.10.2012 10:16:30 | Computer Name = lenovo | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.137.772.0 Aktualisierungsquelle: %%859 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8800.0 Fehlercode:
0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 03.10.2012 12:08:14 | Computer Name = lenovo | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.137.772.0 Aktualisierungsquelle: %%859 Aktualisierungsstufe:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8800.0 Fehlercode:
0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 04.10.2012 13:43:19 | Computer Name = lenovo | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%835 Fehlercode:
0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: %%842
< End of report >