| Ticklishsock | 11.08.2010 20:22 |
Symantec meldet geblockte von mir ausgehende Spam-Mails.
Vielen Dank, ich werde mich morgen melden, nachdem ich diese Schritte abgearbeitet habe.
Es ist zwar noch nicht ganz "Morgen", doch da es schneller ging als erwartet, hier sind die Logs: OTL.txt:OTL Logfile: Code:
OTL logfile created on: 11.08.2010 23:41:22 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Tobia\Desktop\MFTools
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 1,06 Gb Free Space | 2,41% Space Free | Partition Type: NTFS
Drive D: | 246,33 Gb Total Space | 34,46 Gb Free Space | 13,99% Space Free | Partition Type: NTFS
Drive E: | 7,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WURSTTHEKE
Current User Name: Tobia
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010.08.11 21:46:17 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Tobia\Desktop\MFTools\OTL.exe
PRC - [2010.04.28 16:18:06 | 000,079,872 | ---- | M] (SanDisk Corporation) -- C:\Users\Tobia\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
PRC - [2009.07.29 01:56:20 | 005,325,657 | ---- | M] () -- d:\Program Files\Vidalia Bundle\Tor\tor.exe
PRC - [2009.07.12 03:32:32 | 005,113,430 | ---- | M] () -- D:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2009.05.19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.02.26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2009.01.19 12:14:44 | 000,186,664 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Pen_TabletUser.exe
PRC - [2009.01.19 12:13:44 | 002,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.10.17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2008.09.22 22:36:48 | 000,708,608 | ---- | M] (Mirco-Star International CO., LTD.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2008.08.27 01:52:14 | 000,159,744 | ---- | M] () -- C:\Program Files\System Control Manager\MSIService.exe
PRC - [2008.08.20 12:35:20 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.30 03:44:28 | 000,050,952 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\upeksvr.exe
PRC - [2008.04.30 03:25:36 | 000,278,792 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\psqltray.exe
PRC - [2008.03.18 06:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008.02.22 19:04:42 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008.01.23 05:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2008.01.21 04:24:17 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
PRC - [2008.01.21 04:23:40 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.10.29 23:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007.10.05 03:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007.09.29 01:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007.08.31 11:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007.02.02 17:26:44 | 000,283,136 | ---- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\FRITZWLANMini.exe
PRC - [2007.01.04 23:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006.11.20 16:30:54 | 000,250,368 | ---- | M] (The Privoxy team - www.privoxy.org) -- D:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
========== Modules (SafeList) ==========
MOD - [2010.08.11 21:46:17 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Tobia\Desktop\MFTools\OTL.exe
MOD - [2008.01.21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008.01.21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.07.20 14:25:56 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.15 22:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.06.20 18:53:07 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2009.05.19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009.01.19 12:13:44 | 002,789,160 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008.10.17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008.10.17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008.10.17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008.08.27 01:52:14 | 000,159,744 | ---- | M] () [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2008.03.18 06:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.09.29 01:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007.08.31 11:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007.08.23 14:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007.08.22 01:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007.01.04 23:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2009.08.18 10:00:00 | 001,323,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090818.021\NAVEX15.SYS -- (NAVEX15)
DRV - [2009.08.18 10:00:00 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090818.021\NAVENG.SYS -- (NAVENG)
DRV - [2009.06.24 01:02:48 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009.06.16 12:44:44 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009.06.16 12:44:44 | 000,101,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009.05.19 23:27:16 | 000,272,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20090811.004\IDSvix86.sys -- (IDSvix86)
DRV - [2009.03.17 12:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009.02.19 13:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009.02.19 13:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009.02.19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009.02.19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009.02.19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009.02.19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008.10.15 04:04:40 | 000,296,704 | ---- | M] (AfaTech ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2008.10.15 04:00:48 | 000,484,736 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2008.10.15 04:00:48 | 000,038,656 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2008.10.06 11:53:24 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008.09.24 06:26:00 | 007,585,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.08.20 12:02:10 | 002,160,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.08.18 15:45:00 | 000,013,352 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2008.07.30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008.07.20 11:44:44 | 000,324,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.06.30 13:56:12 | 000,917,504 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.06.09 10:45:08 | 001,748,352 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.06.06 04:01:50 | 000,062,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008.06.02 20:50:44 | 000,050,576 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tcusb.sys -- (TcUsb)
DRV - [2008.05.19 07:45:24 | 000,380,416 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28.sys -- (netr28)
DRV - [2008.05.02 07:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.04.28 19:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008.04.28 17:09:46 | 000,995,328 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PKWCap.sys -- (PKWCap)
DRV - [2008.04.28 00:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.03.21 06:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.02.16 00:01:06 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008.02.01 00:55:06 | 000,074,240 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008.01.23 05:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2008.01.21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.11.30 23:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007.11.30 23:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007.11.30 23:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007.11.29 18:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007.10.18 23:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007.10.02 20:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.08.08 17:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007.03.19 16:00:14 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RLVrtAuCbl.sys -- (ReallusionVirtualAudio)
DRV - [2007.02.16 11:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.02.15 16:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2007.01.26 01:00:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2007.01.26 01:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.10.11 04:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2006.08.28 23:54:56 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gan_adapter.sys -- (hamachi_oem)
DRV - [2005.01.07 14:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004.05.13 15:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.05.13 13:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2001.04.09 22:45:00 | 000,008,138 | ---- | M] (Wacom Technology Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\PenClass.sys -- (PenClass)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com.tw
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com.tw
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2567732
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.29 15:43:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.29 15:43:40 | 000,000,000 | ---D | M]
[2009.06.20 18:43:33 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\mozilla\Extensions
[2010.08.11 15:43:01 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\mozilla\Firefox\Profiles\sw725uwf.default\extensions
[2010.07.30 20:29:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tobia\AppData\Roaming\mozilla\Firefox\Profiles\sw725uwf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.20 20:26:25 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Tobia\AppData\Roaming\mozilla\Firefox\Profiles\sw725uwf.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2010.04.21 12:07:06 | 000,000,957 | ---- | M] () -- C:\Users\Tobia\AppData\Roaming\Mozilla\FireFox\Profiles\sw725uwf.default\searchplugins\conduit.xml
[2010.08.09 15:29:37 | 000,000,961 | ---- | M] () -- C:\Users\Tobia\AppData\Roaming\Mozilla\FireFox\Profiles\sw725uwf.default\searchplugins\icqplugin-1.xml
[2010.05.18 21:41:18 | 000,000,958 | ---- | M] () -- C:\Users\Tobia\AppData\Roaming\Mozilla\FireFox\Profiles\sw725uwf.default\searchplugins\icqplugin.xml
[2010.05.11 21:31:28 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010.04.25 16:23:25 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2007.04.16 19:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2010.04.01 16:51:20 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 16:51:20 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.04.01 16:51:20 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.01 16:51:20 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.04.01 16:51:20 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - C:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\FRITZWLANMini.exe (AVM Berlin)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Mirco-Star International CO., LTD.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [jckcomkaØ] C:\Users\Tobia\jckcomkaØ.exe File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Programme\Yahoo!\Messenger\YahooMessenger.exe File not found
O4 - HKCU..\Run: [SansaDispatch] C:\Users\Tobia\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKCU..\Run: [Steam] d:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Vidalia] d:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe ()
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4l2gbqq.exe ()
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8qkf9a0.exe ()
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fa0vq0k0fa.exe ()
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvvqf9a0vqq.exe ()
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\gglgwg1wwb.exe ()
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\i98xxsi6ccx.exe ()
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jzeze76u.exe ()
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mccw40wcmww.exe ()
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2 ()
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qk4fvvqffa.exe ()
O4 - Startup: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wmrmrbwmm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - D:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - D:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-3219471608-6437960914-846369492-9024\yv8g67.exe) - C:\RECYCLER\S-1-5-21-3219471608-6437960914-846369492-9024\yv8g67.exe File not found
O20 - HKCU Winlogon: Shell - (C:\Users\Tobia\msgvn.exe) - C:\Users\Tobia\msgvn.exe File not found
O20 - HKCU Winlogon: Shell - (C:\Users\Tobia\AppData\Roaming\xcjv.exe) - C:\Users\Tobia\AppData\Roaming\xcjv.exe File not found
O20 - HKCU Winlogon: Shell - (C:\Users\Tobia\AppData\Roaming\dgixy.exe) - C:\Users\Tobia\AppData\Roaming\dgixy.exe File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\Tobia\AppData\Roaming\ozzfhv.exe) - C:\Users\Tobia\AppData\Roaming\ozzfhv.exe ()
O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Tobia\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.04.14 17:32:50 | 000,000,044 | ---- | M] () - D:\AutoRun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.14 05:17:18 | 000,000,058 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{23e31497-5e18-11de-9f26-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{23e31497-5e18-11de-9f26-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare)
O33 - MountPoints2\{58df71a3-600f-11de-b11f-002185e15930}\Shell\AutoRun\command - "" = F:\DRUGIM\ljudima.exe -- File not found
O33 - MountPoints2\{58df71a3-600f-11de-b11f-002185e15930}\Shell\explore\command - "" = F:\DRUGIM\ljudima.exe -- File not found
O33 - MountPoints2\{58df71a3-600f-11de-b11f-002185e15930}\Shell\open\command - "" = F:\DRUGIM\ljudima.exe -- File not found
O33 - MountPoints2\{83635647-5da2-11de-b082-002185e15930}\Shell - "" = AutoRun
O33 - MountPoints2\{83635647-5da2-11de-b082-002185e15930}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found
O33 - MountPoints2\{c65ed23e-754d-11de-ba45-002185e15930}\Shell\AutoRun\command - "" = F:\DRUGIM\ljudima.exe -- File not found
O33 - MountPoints2\{c65ed23e-754d-11de-ba45-002185e15930}\Shell\explore\command - "" = F:\DRUGIM\ljudima.exe -- File not found
O33 - MountPoints2\{c65ed23e-754d-11de-ba45-002185e15930}\Shell\open\command - "" = F:\DRUGIM\ljudima.exe -- File not found
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.dvacm - C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm (Ulead Systems, Inc.)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll ()
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ==========
[2010.08.11 22:03:00 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.08.11 22:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010.08.11 21:47:39 | 000,000,000 | ---D | C] -- C:\Users\Tobia\AppData\Roaming\Malwarebytes
[2010.08.11 21:47:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.11 21:47:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.11 21:47:15 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.11 21:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.08.11 21:45:17 | 000,000,000 | ---D | C] -- C:\Users\Tobia\Desktop\MFTools
[2010.08.08 15:52:52 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.08.08 11:32:58 | 000,000,000 | ---D | C] -- C:\Users\Tobia\AppData\Local\CrashRpt
[2010.08.08 11:29:33 | 000,000,000 | ---D | C] -- C:\Users\Tobia\AppData\Local\Procaster
[2010.08.08 11:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\Livestream Procaster
[2010.07.30 23:36:20 | 000,000,000 | ---D | C] -- C:\Users\Tobia\Documents\OneNote-Notizbücher
[2010.07.29 19:49:54 | 000,000,000 | ---D | C] -- C:\Users\Tobia\AppData\Roaming\.minecraft
[2010.06.27 10:29:49 | 000,000,000 | ---D | C] -- C:\Users\Tobia\AppData\Roaming\IGN_DLM
[2010.06.09 21:11:56 | 000,000,000 | ---D | C] -- C:\Windows\1C4551A64743409391E41477CD655043.TMP
[2010.06.05 10:53:40 | 000,000,000 | ---D | C] -- C:\Users\Tobia\AppData\Local\Futuremark
[2010.05.28 20:12:29 | 000,000,000 | ---D | C] -- C:\Users\Tobia\AppData\Roaming\LolClient
[2010.05.25 08:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.05.22 10:50:12 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.05.22 10:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger_Plus_Live_Germany
[2010.05.17 16:29:37 | 000,000,000 | -HSD | C] -- C:\found.000
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2010.08.11 23:41:04 | 007,077,888 | -HS- | M] () -- C:\Users\Tobia\NTUSER.DAT
[2010.08.11 23:36:42 | 000,042,559 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.08.11 23:36:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.11 23:36:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.11 23:36:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.11 23:36:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.11 23:35:57 | 3220,340,736 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.11 23:33:33 | 003,137,459 | -H-- | M] () -- C:\Users\Tobia\AppData\Local\IconCache.db
[2010.08.11 22:15:39 | 000,524,288 | -HS- | M] () -- C:\Users\Tobia\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.08.11 22:15:39 | 000,065,536 | -HS- | M] () -- C:\Users\Tobia\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.08.11 22:01:25 | 000,000,743 | ---- | M] () -- C:\Users\Tobia\Desktop\NTREGOPT.lnk
[2010.08.11 22:01:25 | 000,000,724 | ---- | M] () -- C:\Users\Tobia\Desktop\ERUNT.lnk
[2010.08.11 21:58:02 | 000,042,559 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.08.11 21:47:19 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.11 21:45:58 | 000,284,915 | ---- | M] () -- C:\Users\Tobia\Desktop\Gmer.zip
[2010.08.11 21:43:20 | 000,410,834 | ---- | M] () -- C:\Users\Tobia\Desktop\Load.exe
[2010.08.11 07:05:19 | 000,043,008 | RHS- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wmrmrbwmm.exe
[2010.08.11 02:33:07 | 000,043,008 | RHS- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\gglgwg1wwb.exe
[2010.08.10 15:15:20 | 000,043,008 | RHS- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvvqf9a0vqq.exe
[2010.08.10 06:10:35 | 000,043,008 | RHS- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mccw40wcmww.exe
[2010.08.10 05:52:54 | 000,043,008 | RHS- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8qkf9a0.exe
[2010.08.09 23:19:22 | 000,000,582 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Systemprüfung ausführen - Tobia.job
[2010.08.09 15:14:05 | 000,043,008 | RHS- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qk4fvvqffa.exe
[2010.08.09 06:09:26 | 000,043,008 | RHS- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4l2gbqq.exe
[2010.08.08 11:29:37 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Livestream Procaster.lnk
[2010.08.08 02:54:54 | 000,043,008 | RHS- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jzeze76u.exe
[2010.08.07 23:22:05 | 000,000,952 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010.08.07 10:16:50 | 000,043,008 | RHS- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fa0vq0k0fa.exe
[2010.08.07 02:54:06 | 000,043,008 | RHS- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\i98xxsi6ccx.exe
[2010.07.31 22:10:13 | 000,190,634 | ---- | M] () -- C:\Users\Tobia\Logo-Hund-2.jpg
[2010.07.31 22:10:10 | 000,190,561 | ---- | M] () -- C:\Users\Tobia\Logo-Hund-3.jpg
[2010.07.30 23:58:22 | 000,000,819 | ---- | M] () -- C:\Users\Tobia\.recently-used.xbel
[2010.07.30 23:54:31 | 000,000,104 | ---- | M] () -- C:\Users\Tobia\Desktop\Papierkorb - Verknüpfung.lnk
[2010.07.30 23:47:20 | 000,243,200 | RHS- | M] () -- C:\Users\Tobia\AppData\Roaming\ozzfhv.exe
[2010.07.30 23:37:12 | 000,003,656 | -HS- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2
[2010.07.30 23:36:18 | 000,001,167 | ---- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
[2010.07.19 04:07:03 | 362,009,374 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.07.13 22:33:51 | 000,016,951 | ---- | M] () -- C:\Users\Tobia\Desktop\Fish.jpg
[2010.07.04 13:18:47 | 000,000,651 | ---- | M] () -- C:\Users\Public\Desktop\Metal Slug Brutal.lnk
[2010.07.02 09:39:41 | 000,038,408 | ---- | M] () -- C:\Users\Tobia\Documents\PIC_09-09-03_18-06-39.jpg
[2010.07.02 09:38:48 | 000,047,444 | ---- | M] () -- C:\Users\Tobia\Documents\PIC_09-09-03_18-11-43(1).jpg
[2010.06.26 03:08:02 | 001,463,366 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.06.26 03:08:02 | 000,628,730 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.06.26 03:08:02 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.26 03:08:02 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.06.26 03:08:02 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.11 03:26:25 | 000,303,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.06.01 23:56:40 | 000,015,360 | ---- | M] () -- C:\Users\Tobia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.25 08:08:03 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.08.11 22:20:22 | 000,293,376 | ---- | C] () -- C:\Users\Tobia\Desktop\gmer.exe
[2010.08.11 22:01:25 | 000,000,743 | ---- | C] () -- C:\Users\Tobia\Desktop\NTREGOPT.lnk
[2010.08.11 22:01:25 | 000,000,724 | ---- | C] () -- C:\Users\Tobia\Desktop\ERUNT.lnk
[2010.08.11 21:47:19 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.11 21:45:57 | 000,284,915 | ---- | C] () -- C:\Users\Tobia\Desktop\Gmer.zip
[2010.08.11 21:43:19 | 000,410,834 | ---- | C] () -- C:\Users\Tobia\Desktop\Load.exe
[2010.08.11 07:05:23 | 000,043,008 | RHS- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wmrmrbwmm.exe
[2010.08.11 02:33:11 | 000,043,008 | RHS- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\gglgwg1wwb.exe
[2010.08.10 15:15:25 | 000,043,008 | RHS- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvvqf9a0vqq.exe
[2010.08.10 06:10:39 | 000,043,008 | RHS- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mccw40wcmww.exe
[2010.08.10 05:52:58 | 000,043,008 | RHS- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8qkf9a0.exe
[2010.08.09 15:14:10 | 000,043,008 | RHS- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qk4fvvqffa.exe
[2010.08.09 06:09:29 | 000,043,008 | RHS- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4l2gbqq.exe
[2010.08.08 11:29:37 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Livestream Procaster.lnk
[2010.08.08 02:54:57 | 000,043,008 | RHS- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jzeze76u.exe
[2010.08.07 23:22:05 | 000,000,952 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010.08.07 10:16:55 | 000,043,008 | RHS- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fa0vq0k0fa.exe
[2010.08.07 02:54:11 | 000,043,008 | RHS- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\i98xxsi6ccx.exe
[2010.07.31 22:09:25 | 000,190,634 | ---- | C] () -- C:\Users\Tobia\Logo-Hund-2.jpg
[2010.07.31 22:09:25 | 000,190,561 | ---- | C] () -- C:\Users\Tobia\Logo-Hund-3.jpg
[2010.07.30 23:58:22 | 000,000,819 | ---- | C] () -- C:\Users\Tobia\.recently-used.xbel
[2010.07.30 23:54:31 | 000,000,104 | ---- | C] () -- C:\Users\Tobia\Desktop\Papierkorb - Verknüpfung.lnk
[2010.07.30 23:47:22 | 000,243,200 | RHS- | C] () -- C:\Users\Tobia\AppData\Roaming\ozzfhv.exe
[2010.07.30 23:37:11 | 000,003,656 | -HS- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2
[2010.07.30 23:36:18 | 000,001,167 | ---- | C] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
[2010.07.13 22:33:46 | 000,016,951 | ---- | C] () -- C:\Users\Tobia\Desktop\Fish.jpg
[2010.07.04 13:18:47 | 000,000,651 | ---- | C] () -- C:\Users\Public\Desktop\Metal Slug Brutal.lnk
[2010.07.02 09:39:40 | 000,038,408 | ---- | C] () -- C:\Users\Tobia\Documents\PIC_09-09-03_18-06-39.jpg
[2010.07.02 09:38:48 | 000,047,444 | ---- | C] () -- C:\Users\Tobia\Documents\PIC_09-09-03_18-11-43(1).jpg
[2010.05.25 08:08:03 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.02.01 19:36:38 | 000,473,600 | ---- | C] () -- C:\Windows\System32\Harmony.dll
[2010.02.01 19:36:38 | 000,237,568 | ---- | C] () -- C:\Windows\System32\Unlha32.dll
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.06.20 15:27:27 | 000,031,616 | ---- | C] () -- C:\Windows\System32\drivers\RLVrtAuCbl.sys
[2008.10.15 04:08:25 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2008.10.15 03:39:08 | 000,001,477 | ---- | C] () -- C:\Windows\TVNXPDrv.ini
[2008.10.15 03:38:52 | 000,003,072 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2008.10.15 02:12:07 | 001,748,352 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008.10.15 02:12:07 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008.10.14 12:51:35 | 000,001,438 | ---- | C] () -- C:\Windows\TVAfaDrv.ini
[2007.12.22 01:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.08.30 00:00:00 | 000,781,312 | ---- | C] () -- C:\Windows\System32\RGSS102J.dll
[2005.08.30 00:00:00 | 000,778,752 | ---- | C] () -- C:\Windows\System32\RGSS102E.dll
[2005.08.30 00:00:00 | 000,771,584 | ---- | C] () -- C:\Windows\System32\RGSS100J.dll
[2005.07.23 06:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2004.03.24 09:24:46 | 000,028,672 | ---- | C] () -- C:\Windows\System32\frapsvid.dll
========== LOP Check ==========
[2010.07.29 19:54:38 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\.minecraft
[2009.07.18 21:29:19 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\acccore
[2010.05.08 13:14:16 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\Beat Hazard
[2009.08.10 17:15:23 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\Bioshock
[2010.04.14 20:28:42 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\GetRightToGo
[2010.05.20 18:58:56 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\gtk-2.0
[2010.06.20 23:31:23 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\ICQ
[2010.05.28 20:12:29 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\LolClient
[2010.05.07 20:32:23 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010.05.11 21:24:52 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\Miranda
[2009.10.03 10:01:06 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\Mount&Blade
[2009.06.20 15:31:31 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\Protector Suite
[2009.12.21 20:51:48 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\runic games
[2010.04.28 16:17:34 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\SanDisk
[2010.04.28 19:01:48 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\SYSTEMAX Software Development
[2009.10.26 16:36:39 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\Tropico 3 Demo
[2010.05.09 14:47:46 | 000,000,000 | ---D | M] -- C:\Users\Tobia\AppData\Roaming\TS3Client
[2010.08.11 22:15:18 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2006.09.18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2008.01.21 04:24:42 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008.10.15 02:38:14 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006.09.18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010.08.11 23:35:57 | 3220,340,736 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.14 18:03:21 | 000,001,087 | -H-- | M] () -- C:\IPH.PH
[2009.06.20 15:28:16 | 000,000,171 | ---- | M] () -- C:\msicssetup.log
[2010.08.11 23:35:55 | 3533,967,360 | -HS- | M] () -- C:\pagefile.sys
[2009.06.20 16:24:37 | 000,000,026 | ---- | M] () -- C:\usm.txt
[2009.06.20 15:28:50 | 006,490,890 | ---- | M] () -- C:\worksinstall.log
< %systemroot%\system32\*.wt >
< %systemroot%\system32\*.ruy >
< %systemroot%\Fonts\*.com >
[2006.11.02 14:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006.11.02 14:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006.11.02 14:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006.11.02 14:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006.09.18 23:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006.10.27 04:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.scr >
[2009.07.10 14:10:44 | 000,307,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2010.01.27 17:37:36 | 000,001,674 | -H-- | M] () -- C:\Users\Tobia\AppData\Roaming\Microsoft\LastFlashConfig.WFC
< %PROGRAMFILES%\*.* >
[2008.01.21 04:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.21 04:24:42 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008.01.21 04:24:38 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\user32.dll /md5 >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
< %systemroot%\system32\ws2help.dll /md5 >
[2006.11.02 11:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\System32\ws2help.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-11 01:02:47
< End of report >
--- --- --- Extras.txt:
OTL EXTRAS Logfile:
OTL Logfile: Code:
OTL Extras logfile created on: 11.08.2010 23:41:22 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Tobia\Desktop\MFTools
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 1,06 Gb Free Space | 2,41% Space Free | Partition Type: NTFS
Drive D: | 246,33 Gb Total Space | 34,46 Gb Free Space | 13,99% Space Free | Partition Type: NTFS
Drive E: | 7,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WURSTTHEKE
Current User Name: Tobia
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{053224BE-55C7-4936-87B7-9D585CB62D2E}" = rport=139 | protocol=6 | dir=out | app=system |
"{08564B48-ED2A-4574-BCA0-43B6F50ACCAB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0D99E561-7747-49D9-8657-A492942E23C1}" = lport=137 | protocol=17 | dir=in | app=system |
"{252F05C5-5F81-4D0A-BB85-7C93CBC1A464}" = lport=445 | protocol=6 | dir=in | app=system |
"{4660412B-C292-4BDC-8AC2-557E0B6F3D52}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{70D0EF3B-888E-4C31-A75C-A6D40E8181C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{850A6230-C4F2-4B80-8B66-023198FB0078}" = rport=137 | protocol=17 | dir=out | app=system |
"{C3024134-4E48-44C2-B38F-E893D1BD8E7B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{DD75E74C-E54E-435B-8BF7-7EB1C116E845}" = lport=8377 | protocol=17 | dir=in | name=league of legends launcher |
"{DDAC6C0A-CFE3-4494-8242-71CE7F909876}" = lport=138 | protocol=17 | dir=in | app=system |
"{DE009866-A952-488A-80A2-DD31B23A9E80}" = rport=445 | protocol=6 | dir=out | app=system |
"{E09DDF40-C189-4BE3-8472-0D35AD597BC0}" = rport=138 | protocol=17 | dir=out | app=system |
"{E131D3B9-84A6-4A0D-AEAD-CD24A4A87052}" = lport=8377 | protocol=6 | dir=in | name=league of legends launcher |
"{F649D964-AAB2-4BAD-BAAD-65E882BBA7C3}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CD2FEB-4757-4A75-9453-E7DEDB48D4FB}" = protocol=6 | dir=in | app=d:\program files\dragon age\daoriginslauncher.exe |
"{03BF5308-33C3-43D0-86E1-07B9C4A6370E}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\wontdieforyoursins\garrysmod\hl2.exe |
"{06AD3941-ED82-4498-BD27-366DEECA3437}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{09A7DF9D-0581-4B7C-80DA-F31CD0A0066D}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{0F249E20-544F-4AD7-B15C-265CD3122D48}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{10516D85-A8CC-465D-A71D-738E1592650F}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{17841381-48CC-4DAD-A976-1A076E062307}" = protocol=6 | dir=in | app=d:\program files\icq7.1\icq.exe |
"{1847B9E0-5A01-4C46-9ACF-8196615CB5AA}" = protocol=17 | dir=in | app=d:\program files\icq7.1\aolload.exe |
"{1C4AF2A7-6F7E-4007-9240-2EA32057CC2F}" = protocol=6 | dir=in | app=d:\program files\mass effect 2\binaries\masseffect2.exe |
"{23B6C2B8-414E-4DB9-B14A-FB8F64A782D3}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\wontdieforyoursins\zombie panic! source\hl2.exe |
"{2BEBFFF4-B568-45A7-A2B9-A56DD62EC77C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2BFA15A8-8969-4EA4-8C58-A3DD872D5810}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2F7E1EAC-C71C-457B-B6C8-1C10973F197A}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{30785503-15C5-4A3A-908F-4A19559E12F8}" = protocol=6 | dir=in | app=d:\program files\icq7.1\icq.exe |
"{33E7FA8B-0217-457C-9F7F-8F42EE0B8B07}" = protocol=6 | dir=in | app=d:\program files\electronic arts\battleforge\bootstrapper.exe |
"{37596F0F-C492-4B08-B32B-EF3C01840F40}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{3C6B0A4F-8FA3-46EB-ACB8-76B2FE9FE0E8}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\wontdieforyoursins\zombie panic! source\hl2.exe |
"{3E6DD974-4820-459D-AFDC-5E6843D8F116}" = protocol=17 | dir=in | app=d:\riot games\league of legends\game\league of legends.exe |
"{3F016BFA-5A74-4FE1-91EB-129DA6F55AE7}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{49DAE8C9-CDA0-4F66-8283-9138C0D01165}" = protocol=17 | dir=in | app=d:\program files\dragon age\bin_ship\daorigins.exe |
"{4A8346C1-AAC3-40B8-8CCD-A94861A71EB2}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\the scourge project ep 1 - 2 demo\binaries\win32\scourgegame.exe |
"{4AC3CBCF-00DC-47EA-88E8-9BE2AE626636}" = protocol=17 | dir=in | app=d:\program files\icq7.1\icq.exe |
"{4C1F9298-77FE-469B-ADEC-521086DAC1A6}" = protocol=17 | dir=in | app=d:\program files\mass effect\binaries\masseffect.exe |
"{4CAE5065-FB7A-4855-B3C2-29E6A378FCAC}" = protocol=6 | dir=in | app=d:\program files\mass effect\binaries\masseffect.exe |
"{4D83F791-D429-46F0-A0A5-3B9791FD7078}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{52C420B0-6EE4-42BF-8026-CB2E27089135}" = protocol=6 | dir=in | app=d:\program files\icq7.1\icq.exe |
"{54862E74-EBD9-4EC5-A365-1EEA50A55108}" = protocol=17 | dir=in | app=d:\program files\mass effect 2\binaries\masseffect2.exe |
"{55854C52-A574-4269-B847-08FED5D5286D}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{57960E79-4C09-4B9D-9EA5-CAE79C677D06}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\max and the magic marker demo\max.exe |
"{5A147172-301C-40B3-9D29-C340CA2D30CA}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{60FF4984-D767-4159-BF62-33EE2791E002}" = protocol=6 | dir=in | app=d:\program files\dragon age\bin_ship\daorigins.exe |
"{62AC7184-5876-444A-9EB8-8CEF6DDE3CB0}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{67C4133D-373A-45EC-BA32-94BECD2579AF}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\wontdieforyoursins\garrysmod\hl2.exe |
"{6837FAE8-C884-44E2-9E6E-92E51D1AEB4E}" = protocol=6 | dir=in | app=d:\riot games\league of legends\game\league of legends.exe |
"{71EB6A43-98F5-472E-B544-51E0F45EEBA9}" = protocol=6 | dir=in | app=d:\program files\electronic arts\battleforge\battleforge.exe |
"{72B86192-9697-4720-ABAB-24D1801C2BF6}" = protocol=17 | dir=in | app=d:\program files\icq7.1\aolload.exe |
"{72E5A75C-8E4B-4244-A011-CEFD874C177C}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{772182DA-534D-47FE-8740-A9361E485356}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{77354E28-9FA8-4C63-9C18-CAD21B26DE23}" = protocol=6 | dir=in | app=d:\riot games\league of legends\air\lolclient.exe |
"{78BB79FD-F35B-4FB3-9288-021BC8852896}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{83ACD313-FAEF-4BAB-A210-F152FD310B57}" = protocol=6 | dir=in | app=d:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{8821F8D0-5AD2-488C-8BC2-972EE0FE68D0}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{926156B2-A594-46A6-AA72-ABA8028FF400}" = protocol=6 | dir=in | app=d:\program files\icq7.1\aolload.exe |
"{93C019BF-15EA-42E3-8C1C-C34B838F4BDC}" = protocol=17 | dir=in | app=d:\program files\icq7.1\icq.exe |
"{95AF8DA1-C330-4184-A4AC-73100BDA8784}" = protocol=6 | dir=in | app=d:\program files\mass effect\masseffectlauncher.exe |
"{95D6EFD9-B261-4DBC-A158-43533A9F7301}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{97C1BED6-D422-415F-AAC8-8D1B0B2C4DAC}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\the scourge project ep 1 - 2 demo\binaries\win32\scourgegame.exe |
"{988164BF-3625-4590-ADF8-EA9070912B64}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{993093CE-B8AC-461D-B72F-DDAB42679A09}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9D12B871-19F9-460E-AA60-4825F9D1E900}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{9EB6E436-559D-4B38-99FE-8B73F8A97095}" = protocol=17 | dir=in | app=d:\program files\mass effect 2\masseffect2launcher.exe |
"{A0B36739-9C71-4052-8D00-772EC166E4DE}" = protocol=17 | dir=in | app=d:\program files\mass effect\masseffectlauncher.exe |
"{A170A5E4-F8C8-44C3-A7B3-A0863720C918}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{A1948CD5-31A1-4922-B8DD-EFED91F253C4}" = protocol=17 | dir=in | app=d:\program files\eidos\kane and lynch dead men\kaneandlynch.exe |
"{A57066C7-6AFA-4B17-8059-F45409985330}" = protocol=6 | dir=in | app=d:\program files\eidos\kane and lynch dead men\kaneandlynch.exe |
"{AAE8C6C8-8783-4196-8425-856382ECCBD9}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{AB42D078-33EF-456E-BE3E-5545CAC93807}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B03426A9-0FD7-4ED5-AD0F-658026F70F3A}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{B481FCB4-6515-4FB7-B6E5-12E21FA428A3}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{B536CAAC-AAB3-486A-9033-0F06B3D659E5}" = protocol=17 | dir=in | app=d:\program files\electronic arts\battleforge\battleforge.exe |
"{B5A83F0A-131D-4647-A72F-024501D68F33}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B69ED136-E229-453F-8DB3-99070FE6D9D6}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\wontdieforyoursins\age of chivalry\hl2.exe |
"{BA399E53-22EE-40BE-9104-0CEFDC69655C}" = protocol=17 | dir=in | app=d:\program files\icq7.1\icq.exe |
"{C1F8520B-1095-44D2-B515-AAA55C16E759}" = protocol=6 | dir=in | app=d:\program files\mass effect 2\masseffect2launcher.exe |
"{C3542116-0211-48F8-9B1C-F9B53743BBA1}" = protocol=17 | dir=in | app=d:\program files\icq7.1\aolload.exe |
"{C6E4E5AA-01B3-4DC9-AB5F-FD85B6F1FEA9}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{CD106582-E88B-4394-AA7E-4DEE3BCFB69C}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{D36BCAC0-CAB7-4A04-9ABB-40EE37D7F234}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D4F9DB90-433C-4995-B35B-05A7F9F843AF}" = protocol=17 | dir=in | app=d:\program files\electronic arts\battleforge\bootstrapper.exe |
"{DAEDE79C-A06E-4AC5-97F4-6CD177E21791}" = protocol=17 | dir=in | app=d:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{DC9A883F-AEA4-4F00-AD83-D8B2E9315A10}" = protocol=17 | dir=in | app=d:\program files\dragon age\daoriginslauncher.exe |
"{DE197E46-7659-4D00-925B-A80504D50EB9}" = protocol=17 | dir=in | app=d:\riot games\league of legends\air\lolclient.exe |
"{E23135AC-C798-43B8-9919-4AAB43BADFF1}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{EA3B6527-CC9E-4D74-A9BE-E4DD508925B3}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{F089473A-674E-4554-A033-46B57CC13D55}" = protocol=6 | dir=in | app=d:\program files\icq7.1\aolload.exe |
"{F0D0B70A-7BAD-43F6-93AD-4A82F923C8BF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F23C5AA5-1248-4901-B02C-1CD6F78FE8ED}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F3885FD5-8B3C-473E-8A4A-0B62EBDE7B64}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\max and the magic marker demo\max.exe |
"{F3A3554D-EDE3-4070-BE69-3B18439FB826}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F7E9606A-36D0-42EE-99E6-102274D2B8B2}" = protocol=6 | dir=in | app=d:\program files\icq7.1\aolload.exe |
"{FAED840A-3404-45A2-A8C7-1DED9F5D1F32}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\wontdieforyoursins\age of chivalry\hl2.exe |
"TCP Query User{6026D315-06C0-4385-A524-F947ED26DB1E}D:\program files\steam\steamapps\wontdieforyoursins\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\wontdieforyoursins\team fortress 2\hl2.exe |
"UDP Query User{58155752-0A88-4D33-A303-1BE34A0D5EE8}D:\program files\steam\steamapps\wontdieforyoursins\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\wontdieforyoursins\team fortress 2\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = MSI Software Install
"{16A81B06-AF93-4C4C-8448-17B10F980B13}" = Symantec Real Time Storage Protection Component
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2158685C-E2B3-4026-B0A1-0FFE31837AFD}" = PlayLinc
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23B14BE4-5277-40B2-B602-3FCD456C27BC}" = Protector Suite QL 5.8
"{259A8A5E-2886-4BED-9EF1-D5485282CCC3}" = Overlord
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2CBCDE92-F30D-4761-82B2-485D7296B6CC}" = SymNet
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160070}" = Java(TM) SE Development Kit 6 Update 7
"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60147180-8370-44BC-9BBD-E554D86F0BA3}" = Livestream Procaster
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{70E8EBD5-78C9-4258-B20A-5098CCA000F0}" = Dolby Control Center
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{7F6FA05E-B935-43E3-83CE-75A84A70BACF}_is1" = Metal Slug Brutal v1.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0408-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Greek) 2007
"{90120000-0016-0408-0000-0000000FF1CE}_HOMESTUDENTR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_HOMESTUDENTR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0408-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Greek) 2007
"{90120000-0018-0408-0000-0000000FF1CE}_HOMESTUDENTR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_HOMESTUDENTR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0408-0000-0000000FF1CE}" = Microsoft Office Word MUI (Greek) 2007
"{90120000-001B-0408-0000-0000000FF1CE}_HOMESTUDENTR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_HOMESTUDENTR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0408-0000-0000000FF1CE}" = Microsoft Office Proof (Greek) 2007
"{90120000-001F-0408-0000-0000000FF1CE}_HOMESTUDENTR_{3C7DCB2F-8EA1-4558-B8F5-1107C4055A0B}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0408-0000-0000000FF1CE}" = Microsoft Office Proofing (Greek) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0408-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Greek) 2007
"{90120000-006E-0408-0000-0000000FF1CE}_HOMESTUDENTR_{E3B92295-785F-4FF7-8BE1-67E86F5F8140}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_HOMESTUDENTR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_HOMESTUDENTR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0408-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Greek) 2007
"{90120000-00A1-0408-0000-0000000FF1CE}_HOMESTUDENTR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_HOMESTUDENTR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{958AF490-810C-4D3E-AA82-EBA2CE41DA20}" = Station Launcher
"{95C5F81D-0779-4932-BE83-32AAF814F4B9}" = League of Legends
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5
"{A66C4716-7E10-4A53-8101-00C3C11D6A9C}" = Kane and Lynch: Dead Men
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{CAD1691A-FA24-4B95-9009-3257B8440ECC}" = Tom Clancy's Splinter Cell Double Agent
"{CD49361E-3FE6-457E-90A1-9C59E29B5D02}" = Java DB 10.3.1.4
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1504C77-1B19-4AF0-8DEC-946666123B55}" = CrazyTalk Cam Suite
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD4A8EAF-259A-4604-BA37-40E7DE742A12}" = Ambereh
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"5D38134BF8A10D640B30E6B014EECDBC5F881E3D" = Windows Driver Package - ENE (enecir) HIDClass (04/29/2008 2.5.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AIM_7" = AIM 7
"ERUNT_is1" = ERUNT 1.1j
"Fraps" = Fraps (remove only)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5 SE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Messenger_Plus_Live_Germany Toolbar" = Messenger_Plus_Live_Germany Toolbar
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Pen Tablet Driver" = Stifttablett
"Privoxy" = Privoxy 3.0.6
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"RTP 1.32 Add-On for RM2k" = RTP 1.32 Add-On for RM2k
"RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 17500" = Zombie Panic! Source
"Steam App 17510" = Age of Chivalry
"Steam App 215" = Source SDK Base
"Steam App 220" = Half-Life 2
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"Steam App 500" = Left 4 Dead
"Steam App 50830" = Max and the Magic Marker - Demo
"Steam App 550" = Left 4 Dead 2
"Steam App 564" = Left 4 Dead 2 Add-on Support
"Steam App 590" = Left 4 Dead 2 Demo
"Steam App 630" = Alien Swarm
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tor" = Tor 0.2.1.19
"TVAfaDrv" = MSI DVB-T USB BDA Driver
"TVNXPDrv" = MSI TV Tuner Card BDA Driver
"Vidalia" = Vidalia 0.1.15
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinGimp-2.0_is1" = Gimp 2.6.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.7.1
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.08.2010 17:29:55 | Computer Name = Wursttheke | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informationsebene: error Initialisierung des COM-Subsystems ist fehlgeschlagen.
Fehlercode: 0x80004005.
Error - 11.08.2010 17:36:23 | Computer Name = Wursttheke | Source = WinMgmt | ID = 10
Description =
Error - 11.08.2010 17:36:55 | Computer Name = Wursttheke | Source = Windows Search Service | ID = 1006
Description =
Error - 11.08.2010 17:36:55 | Computer Name = Wursttheke | Source = Windows Search Service | ID = 3026
Description =
Error - 11.08.2010 17:38:00 | Computer Name = Wursttheke | Source = Windows Search Service | ID = 1006
Description =
Error - 11.08.2010 17:38:40 | Computer Name = Wursttheke | Source = Windows Search Service | ID = 1006
Description =
Error - 11.08.2010 17:38:40 | Computer Name = Wursttheke | Source = Windows Search Service | ID = 3026
Description =
Error - 11.08.2010 17:39:01 | Computer Name = Wursttheke | Source = Windows Search Service | ID = 1006
Description =
Error - 11.08.2010 17:39:36 | Computer Name = Wursttheke | Source = Windows Search Service | ID = 1006
Description =
Error - 11.08.2010 17:42:55 | Computer Name = Wursttheke | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
--- --- ---
--- --- --- |
