| klein_lola | 25.01.2012 22:16 |
Wunderschönen guten Abend,
leider hab ich auch bis jetz keine Antwort erhalten und poste deshalb mein Porblem jetz hier. http://www.trojaner-board.de/108469-...-gefunden.html
Also wie gesagt beim surfen hat antivir 2 virus-meldungen gebracht, plötzlich ging Firefox aus und danach der ganze Rechner. Da ich nicht untätig rumsitzen wollte habe ich so einige Virenscanner drüber laufen lassen unteranderem: dr.web, mbam und emsisoft, die auch maleware gefunden haben die ich dann gelöscht habe.
einen aktuellen Logfile findet ihr unten.
Danke und VG LOLA
OTL Logfile: Code:
OTL logfile created on: 25.01.2012 16:59:25 - Run 6
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Lola\Desktop\André\SystemSicherheit\TrojanerBoard
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 0,70 Gb Available Physical Memory | 35,28% Memory free
4,22 Gb Paging File | 2,77 Gb Available in Paging File | 65,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140,11 Gb Total Space | 13,96 Gb Free Space | 9,96% Space Free | Partition Type: NTFS
Drive F: | 3,72 Gb Total Space | 3,37 Gb Free Space | 90,51% Space Free | Partition Type: FAT32
Computer Name: LOLA-PC | User Name: Lola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.01.22 21:23:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Lola\Desktop\André\SystemSicherheit\TrojanerBoard\OTL.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.01.02 20:22:25 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.06.15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009.04.11 07:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.04.04 18:10:26 | 000,030,152 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2007.07.24 18:26:38 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007.07.24 18:26:38 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007.06.15 11:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007.06.14 07:40:46 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007.03.06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2007.02.25 20:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.11.02 10:45:59 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
========== Modules (No Company Name) ==========
MOD - [2012.01.02 20:22:24 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.11.18 20:22:27 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2007.06.30 02:07:56 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008.04.04 18:10:26 | 000,030,152 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Service)
SRV - [2008.01.19 08:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.19 08:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.07.24 18:26:38 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007.07.05 18:12:52 | 000,292,152 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007.03.06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2007.02.25 20:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV - [2011.04.27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.06.23 09:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008.11.11 12:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008.11.11 12:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008.11.11 12:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007.07.07 01:10:36 | 002,591,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.06.30 12:04:34 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.06.27 18:29:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007.06.16 01:17:13 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.06.06 01:00:39 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007.05.30 19:14:58 | 000,016,640 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.04.24 18:36:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007.04.24 12:20:06 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007.04.20 01:01:10 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007.04.20 01:01:10 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.03.01 15:53:12 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007.02.13 18:06:36 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006.11.20 16:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006.11.06 09:29:32 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)
DRV - [2006.10.10 18:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2005.08.01 15:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005.02.11 10:21:10 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.02.11 10:21:02 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.02.11 10:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2005.01.06 12:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7C 55 40 99 EF B1 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.groupon.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Lola\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lola\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lola\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008.03.09 15:01:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.11 16:42:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.02 20:22:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.14 14:42:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{A89AED22-9133-424c-88E7-C8235C5FF302}: C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\
[2009.06.19 19:28:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lola\AppData\Roaming\mozilla\Extensions
[2012.01.09 17:47:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lola\AppData\Roaming\mozilla\Firefox\Profiles\qvdnm9g2.default\extensions
[2012.01.09 17:47:12 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Lola\AppData\Roaming\mozilla\Firefox\Profiles\qvdnm9g2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.07.16 12:30:46 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Lola\AppData\Roaming\mozilla\Firefox\Profiles\qvdnm9g2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.09 17:46:59 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Lola\AppData\Roaming\mozilla\Firefox\Profiles\qvdnm9g2.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.04.01 09:48:42 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Lola\AppData\Roaming\mozilla\Firefox\Profiles\qvdnm9g2.default\extensions\engine@conduit.com
[2010.07.27 20:14:08 | 000,000,873 | ---- | M] () -- C:\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\qvdnm9g2.default\searchplugins\conduit.xml
[2009.02.02 09:53:50 | 000,001,632 | ---- | M] () -- C:\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\qvdnm9g2.default\searchplugins\live-search.xml
[2010.11.03 18:30:51 | 000,002,057 | ---- | M] () -- C:\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\qvdnm9g2.default\searchplugins\youtube-videosuche.xml
[2011.11.25 14:38:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012.01.02 20:22:26 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.12 20:36:25 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.03.21 11:08:41 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012.01.02 20:22:22 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.02 20:22:22 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.01.02 20:22:22 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.02 20:22:22 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.02 20:22:22 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.02 20:22:22 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
Hosts file not found
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Lola\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Lola\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090921024610 (PhotoboxPhotowaysUploader5 Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1225017435 (Image Uploader Control)
O16 - DPF: {741747F6-83B4-4FB9-A268-8CA4010762C8} hxxp://www3.snapfish.de/SnapfishActivia2.cab (Snapfish Activia2)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8D3B9EF-A0AB-41E2-979F-2C01C0F80089}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Lola\Pictures\Australien\Familie Underwood\6536_1106299254186_1127920239_30267074_2821584_n.jpg
O24 - Desktop BackupWallPaper: C:\Users\Lola\Pictures\Australien\Familie Underwood\6536_1106299254186_1127920239_30267074_2821584_n.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk - C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe - (TOSHIBA CORPORATION.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Magic-i Visual Effects.lnk - C:\PROGRA~1\ArcSoft\MAGIC-~1\MAGIC-~1.EXE - (ArcSoft, Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk - - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Photo Downloader - hkey= - key= - File not found
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig - StartUpReg: AdVantage Setup - hkey= - key= - File not found
MsConfig - StartUpReg: AlcoholAutomount - hkey= - key= - File not found
MsConfig - StartUpReg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
MsConfig - StartUpReg: BrMfcWnd - hkey= - key= - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
MsConfig - StartUpReg: ControlCenter3 - hkey= - key= - C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: Easy-PrintToolBox - hkey= - key= - C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
MsConfig - StartUpReg: fssui - hkey= - key= - File not found
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - File not found
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\Lola\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
MsConfig - StartUpReg: IndexSearch - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: ISBMgr.exe - hkey= - key= - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: MBBalloon - hkey= - key= - File not found
MsConfig - StartUpReg: msnmsgr - hkey= - key= - File not found
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: PaperPort PTD - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: PPort11reminder - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Sidebar - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - File not found
MsConfig - StartUpReg: SSBkgdUpdate - hkey= - key= - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - File not found
MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - File not found
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: Symantec PIF AlertEng - hkey= - key= - File not found
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - File not found
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
MsConfig - State: "startup" - 2
MsConfig - State: "bootini" - 2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.01.24 22:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012.01.24 22:16:56 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012.01.22 22:08:29 | 000,100,864 | ---- | C] (GMER) -- C:\kxldapow.sys
[2012.01.11 17:03:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012.01.11 17:03:00 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.01.11 17:02:58 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.01.11 17:02:04 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.01.11 17:02:04 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.01.04 17:27:58 | 000,000,000 | ---D | C] -- C:\Users\Lola\AppData\Roaming\pdfforge
[2012.01.04 17:27:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.01.04 17:27:54 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2012.01.04 17:27:51 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2012.01.04 17:27:51 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL
[2012.01.04 17:27:51 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL
[2012.01.04 17:27:51 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2012.01.04 17:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2012.01.04 01:48:42 | 000,354,176 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
[1 C:\Users\Lola\AppData\Roaming\*.tmp files -> C:\Users\Lola\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.01.25 16:59:14 | 000,634,352 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.25 16:59:14 | 000,601,000 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.25 16:59:14 | 000,128,270 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.25 16:59:14 | 000,105,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.25 16:54:23 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.25 16:54:22 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.25 16:54:22 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.25 16:54:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.25 16:54:03 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.25 16:52:21 | 000,002,631 | ---- | M] () -- C:\Users\Lola\Desktop\Microsoft Office Word 2007.lnk
[2012.01.25 05:53:10 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2758217544-4115683230-4201137011-1000UA.job
[2012.01.25 05:39:41 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.24 22:48:36 | 000,001,808 | ---- | M] () -- C:\Users\Lola\Desktop\Microsoft Security Essentials.lnk
[2012.01.24 22:40:23 | 000,002,243 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.01.23 19:53:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2758217544-4115683230-4201137011-1000Core.job
[2012.01.22 22:15:44 | 000,002,032 | ---- | M] () -- C:\Users\Lola\AppData\Local\d3d9caps.dat
[2012.01.22 22:12:24 | 131,775,807 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.01.22 22:08:29 | 000,100,864 | ---- | M] (GMER) -- C:\kxldapow.sys
[2012.01.22 21:25:35 | 000,000,000 | ---- | M] () -- C:\Users\Lola\defogger_reenable
[2012.01.22 17:12:42 | 000,000,000 | ---- | M] () -- C:\Users\Lola\AppData\Local\{2DC0DC1F-7795-48EB-951D-D3D8B60F1C81}
[2012.01.22 17:06:16 | 000,000,000 | ---- | M] () -- C:\Users\Lola\AppData\Local\{AB681BC9-38AD-40E0-A129-E51516C14CF8}
[2012.01.20 09:09:56 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.20 09:04:22 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.01.20 09:04:16 | 000,155,136 | ---- | M] () -- C:\Users\Lola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.17 20:53:04 | 000,002,735 | ---- | M] () -- C:\Users\Lola\Desktop\Microsoft Office Outlook 2007.lnk
[2012.01.17 20:37:06 | 000,225,123 | ---- | M] () -- C:\Users\Lola\Documents\Flug Melbourne.xps
[2012.01.15 15:15:18 | 000,000,098 | ---- | M] () -- C:\Windows\WirelessFTP.INI
[2012.01.07 11:55:13 | 000,002,037 | ---- | M] () -- C:\Users\Lola\Desktop\Google Chrome.lnk
[2012.01.04 17:18:22 | 000,001,899 | ---- | M] () -- C:\Users\Lola\Desktop\Netzwerk.lnk
[2012.01.04 01:48:42 | 000,354,176 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
[1 C:\Users\Lola\AppData\Roaming\*.tmp files -> C:\Users\Lola\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.01.25 16:54:03 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2012.01.24 22:48:36 | 000,001,808 | ---- | C] () -- C:\Users\Lola\Desktop\Microsoft Security Essentials.lnk
[2012.01.24 22:28:29 | 000,002,243 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012.01.24 22:18:10 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.01.22 22:05:50 | 131,775,807 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.01.22 21:25:35 | 000,000,000 | ---- | C] () -- C:\Users\Lola\defogger_reenable
[2012.01.22 17:12:42 | 000,000,000 | ---- | C] () -- C:\Users\Lola\AppData\Local\{2DC0DC1F-7795-48EB-951D-D3D8B60F1C81}
[2012.01.22 17:06:16 | 000,000,000 | ---- | C] () -- C:\Users\Lola\AppData\Local\{AB681BC9-38AD-40E0-A129-E51516C14CF8}
[2012.01.17 20:37:02 | 000,225,123 | ---- | C] () -- C:\Users\Lola\Documents\Flug Melbourne.xps
[2012.01.04 17:27:53 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012.01.04 17:15:10 | 000,001,899 | ---- | C] () -- C:\Users\Lola\Desktop\Netzwerk.lnk
[2011.12.03 19:47:04 | 000,000,036 | ---- | C] () -- C:\Users\Lola\AppData\Roaming\blckdom.res
[2011.05.02 18:14:53 | 000,000,061 | ---- | C] () -- C:\Windows\dcmvwr.INI
[2011.03.16 15:10:23 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.03.16 15:10:23 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.03.16 15:10:23 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.03.16 15:10:23 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.03.16 15:10:23 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.01.29 10:13:28 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.01.26 16:45:18 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2011.01.26 16:45:16 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.01.26 16:41:00 | 000,031,864 | ---- | C] () -- C:\Windows\maxlink.ini
[2010.11.03 08:59:57 | 000,171,288 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010.10.02 09:39:18 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2010.10.02 09:39:18 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2010.10.02 09:39:18 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2010.10.02 09:39:17 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2010.10.02 09:39:17 | 000,000,335 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010.10.02 09:38:18 | 000,032,768 | ---- | C] () -- C:\Windows\System32\osclpthread.dll
[2010.06.14 17:30:52 | 000,003,766 | ---- | C] () -- C:\Windows\scad3.INI
[2009.12.21 16:43:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.12.21 16:43:49 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.12.03 09:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.10.17 15:51:17 | 000,000,098 | ---- | C] () -- C:\Windows\WirelessFTP.INI
[2009.10.05 11:02:43 | 000,221,291 | ---- | C] () -- C:\Windows\Imei_dll.dll
[2009.10.05 11:02:43 | 000,040,960 | ---- | C] () -- C:\Windows\Sublock.dll
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.05.12 10:38:38 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.12.04 00:30:10 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2008.12.02 12:57:15 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2008.11.25 18:16:04 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.11.25 10:36:43 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2008.11.25 10:36:27 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.11.18 11:00:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.06 17:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.10.16 20:16:44 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2008.10.13 15:48:59 | 000,091,923 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2008.10.13 15:48:59 | 000,076,956 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2008.10.13 15:48:59 | 000,039,121 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2008.10.13 15:48:59 | 000,027,965 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_JP.dat
[2008.03.09 15:01:28 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.01.02 21:38:23 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
[2008.01.02 21:33:14 | 000,007,680 | ---- | C] () -- C:\Windows\System32\CNMVS64.DLL
[2007.12.31 13:34:35 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.12.30 18:38:28 | 004,590,949 | ---- | C] () -- C:\Users\Lola\AppData\Roaming\UserTile.png
[2007.12.28 21:31:27 | 000,155,136 | ---- | C] () -- C:\Users\Lola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.28 21:31:25 | 000,002,032 | ---- | C] () -- C:\Users\Lola\AppData\Local\d3d9caps.dat
[2007.09.08 02:22:22 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2007.08.13 23:00:50 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007.08.13 23:00:50 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007.08.13 23:00:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2007.08.13 23:00:49 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.08.13 23:00:48 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.08.13 23:00:48 | 000,145,050 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.08.13 13:46:45 | 000,000,031 | ---- | C] () -- C:\Windows\System32\elcric.dat
[2007.08.13 04:25:16 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006.12.05 12:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 16:33:31 | 000,634,352 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:33:31 | 000,128,270 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,454,240 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,601,000 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,105,914 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.07.22 20:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2005.04.28 05:22:34 | 000,831,488 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2005.04.28 05:22:34 | 000,159,744 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2002.03.17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000081.DLL
[1999.04.29 22:00:00 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2010.02.20 12:36:58 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\CoSoSys
[2009.09.12 15:25:11 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\DAEMON Tools
[2009.09.12 15:25:11 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\DAEMON Tools Lite
[2011.07.21 16:44:16 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\DVDVideoSoft
[2011.07.21 16:44:11 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.06.28 10:38:36 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\Facebook
[2011.03.21 11:08:53 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\Foxit
[2011.09.24 09:37:14 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\GoPal Assistant
[2011.06.11 13:00:55 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\ICQ
[2008.01.02 21:38:54 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\ICQ Toolbar
[2008.09.05 13:20:40 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\InterVideo
[2011.12.03 19:46:57 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\kock
[2009.01.29 10:41:04 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\Leadertech
[2009.10.05 11:02:33 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\LG Electronics
[2008.11.25 10:40:07 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\MAGIX
[2012.01.04 17:27:58 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\pdfforge
[2011.10.15 09:45:16 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\SmartDraw
[2009.08.05 11:26:01 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\Snapfish
[2011.12.06 20:43:56 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\Synaptics
[2007.12.29 13:37:26 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\temp
[2011.12.17 10:07:56 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\Thunderbird
[2011.12.03 19:49:06 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\UAs
[2008.10.10 17:04:20 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\Ulead Systems
[2011.12.03 19:49:08 | 000,000,000 | ---D | M] -- C:\Users\Lola\AppData\Roaming\xmldm
[2012.01.25 06:21:15 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2007.12.28 21:32:31 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010.06.19 12:19:49 | 000,000,000 | -H-D | M] -- C:\BJPrinter
[2009.12.22 21:36:32 | 000,000,000 | -HSD | M] -- C:\Boot
[2007.09.08 02:23:26 | 000,000,000 | ---D | M] -- C:\Documentation
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2007.08.13 13:08:30 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.11.09 23:04:10 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft
[2007.09.08 01:56:14 | 000,000,000 | -H-D | M] -- C:\InstantON
[2009.12.23 10:31:00 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.01.24 22:50:39 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.01.24 22:12:48 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2007.08.13 13:08:31 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.01.25 17:04:26 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.12.10 15:30:16 | 000,000,000 | ---D | M] -- C:\Update
[2008.07.12 22:33:29 | 000,000,000 | R--D | M] -- C:\Users
[2007.09.08 02:33:46 | 000,000,000 | -H-D | M] -- C:\WAUUPGRD
[2012.01.25 06:17:56 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.manifest /3 >
< MD5 for: AFD.SYS >
[2011.04.21 14:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\System32\drivers\afd.sys
[2011.04.21 14:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_d99fb42e5bb59d9b\afd.sys
[2011.04.21 14:16:42 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=48EB99503533C27AC6135648E5474457 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_d7d0e0cc5e7d461c\afd.sys
[2006.11.02 09:58:43 | 000,270,336 | ---- | M] (Microsoft Corporation) MD5=5D24CAF8EFD924A875698FF28384DB8B -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6000.16386_none_d5b1809661820e7c\afd.sys
[2011.04.21 14:28:53 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=70EE0FC7A0F384DBD929A01384AEEB4B -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_da4bc33774b91967\afd.sys
[2008.01.19 06:57:03 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=763E172A55177E478CB419F88FD0BA03 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys
[2009.04.11 05:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=A201207363AA900ABF1A388468688570 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_d9d3bb9e5b8eea9c\afd.sys
[2011.04.21 14:12:21 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=C8AF25017CECB75906A571AC70D2D306 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_d876efff77862705\afd.sys
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.01.02 11:16:38 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.01.02 11:16:37 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: REGEDIT.EXE >
[2008.01.19 08:33:24 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.19 08:33:24 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
[2006.11.02 10:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe
< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WININIT.EXE >
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-01-23 15:17:19
< >
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB10488$] -> Error: Cannot create file handle -> Unknown point type
< End of report >
--- --- ---
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 25.01.2012 16:59:25 - Run 6
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Lola\Desktop\André\SystemSicherheit\TrojanerBoard
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 0,70 Gb Available Physical Memory | 35,28% Memory free
4,22 Gb Paging File | 2,77 Gb Available in Paging File | 65,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140,11 Gb Total Space | 13,96 Gb Free Space | 9,96% Space Free | Partition Type: NTFS
Drive F: | 3,72 Gb Total Space | 3,37 Gb Free Space | 90,51% Space Free | Partition Type: FAT32
Computer Name: LOLA-PC | User Name: Lola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2758217544-4115683230-4201137011-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1BCD507F-B50D-4E8A-88C8-6E7745B4E589}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{313928AC-6873-4143-9C03-5B3345BF15EE}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4421DCB8-630D-4DB4-86FC-AA1580F74FFE}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6A882AED-EB57-4605-8F8F-B9EC0A2BC0DB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{755E8985-5CFD-4CCA-A241-CC931D956388}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7DCADBE1-B3BB-4AF4-9A0B-51C51A423C05}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{96A5CBBA-7ED0-4087-8AE3-E01638CC13B3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A3BB3043-DF9F-449F-A331-D72D72189C79}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C3257354-F441-420D-B822-493869028369}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0097DFC9-0C9E-46A6-A7F3-DD8972115858}" = dir=in | app=c:\users\lola\andré\bot\tm.exe |
"{00F25E53-61F5-4794-BFC8-1F3DB552DE05}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{033263E1-B6C3-48FA-BE11-2AC43000F246}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{047B9B94-46EB-45FA-BB73-C9B69C3E8625}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{06C118D3-FCB6-4ECD-A7D0-5C5627DBB751}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{06CAFBF4-D8F7-4D52-9ED3-26C46429417F}" = dir=out | app=c:\users\lola\andré\bot\tm.exe |
"{09A6214E-99F4-403E-8332-200C818D7692}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B4A0920-71DA-46E5-819F-89F9EC01C2BA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0DA15515-29DA-4C98-81EB-9F9FD0170A63}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{109ADCC6-2A00-43F2-9DB0-64E19DFEB371}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{124A1F82-DA0D-49A4-84F9-4E5598878181}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{134A03A8-5F63-4AF6-8D26-825BA1A3176B}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\pmsregisterfile.exe |
"{18E1E4FF-DB8F-48F0-B8F3-7D0B99C7E010}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1992CC49-DA9B-4194-86EA-4908B42E4B67}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1B3AEAD9-6CE7-42E6-A81E-540664DE5274}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{1B5D8524-B012-4446-96DD-55AAB4AD378E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2428805B-5105-42FD-AEFC-48842ECBB7B7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{245D2D24-ACF9-4366-8BAF-E2C779FB8C5B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24FA3306-4A4B-4C9C-88F2-9BC56ACFA7DF}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{294212B4-8AE9-43B5-8E2E-EC000B2AC0CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C359B0A-F08E-42C9-886A-D9E0BF2D751D}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{365D635D-9135-4D4E-8920-DE691CFAD381}" = dir=in | app=c:\users\lola\andré\bot\tm-update.exe |
"{37AD37F7-A856-4D1F-A163-326CC2595D5A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C951F23-F8B9-4CD8-883E-BA613C79B088}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3EB39DF5-52A2-47F3-99ED-7FFA2177D792}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{42F1AEB0-604D-4477-8752-23D3337EDF30}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{493F4D06-696D-426B-AA29-6F7873A730FE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{49E15B77-9939-4886-B028-460C5905D1E9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{522AD36A-FFFE-4126-AA72-D07752A2EA81}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{539B0717-F05D-48CA-AB33-90ACDC7FCA07}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5614D5DE-9916-4402-B44D-5D7279A297F9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{59B87D47-E2DA-448D-88A6-EEEF937A2C9B}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{5AB65810-2F17-4C48-8E70-A2C99374E139}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6016544C-B363-4787-BF03-B0832FDE48F1}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{6145F506-57B3-43D3-BE99-5136995F0E07}" = dir=in | app=c:\users\lola\andré\tmbot\tm-update.exe |
"{61B78875-2495-4BAE-B8D8-8D837F1804DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{626E3007-C1F3-4706-B4B9-2779DB7962C5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{63524210-8497-4B7E-B1B1-EE47E7DE0369}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{6A1C0F73-1B8A-41FE-B1F3-F3ECE708D8C3}" = dir=in | app=c:\users\lola\andré\tmbot\tm.exe |
"{6DE660BF-8BB3-4E4D-A848-592DA918D328}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{6E033E22-8749-4ACE-870B-BBF480035A94}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{760BAA17-8670-435A-9AB6-BE2DF0AC4893}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{7AAED674-A947-47D2-832D-54344C8CE472}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{7D5FC05E-7A63-4EC1-878C-8FA637EE5EF9}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{855445F1-BF36-479E-A08F-323997273223}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90A45946-EFB3-4580-A62E-5CBB671BBCA2}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\pmsregisterfile.exe |
"{946E3799-6F62-44FD-A05A-3B272091D25B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{958F7913-4F3B-4FD2-A902-80349C64BDAB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{99C63583-0DFE-4176-BD7A-5094C6D056B6}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{9B7294B0-2DF8-4E07-BC66-6C66E7779129}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{9D4478E7-F51C-472E-BAEC-9490DA9D0337}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{A23A265B-AE7D-48D8-A5F9-6A8A6A92CC96}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{A7F08D2E-D852-48BE-8D21-52A7A5C2D426}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{B321E8E5-A83F-40BD-81BC-50359C51A8E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B58D8590-E60A-4B1F-A8F1-7723416D2983}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{B8921F62-E2B8-4664-BD1A-E09D54176B75}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{BEEBE0A3-E3F5-437F-8D64-7ADD924E496E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C457CF1B-A3BD-4EEA-B4A7-F203A893EC91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C5B1111F-8694-4779-8F16-69DD0B0B86A8}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CCFBACC2-42EA-407F-A0BB-1B0C3DA893D2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CD39CEE3-F3FC-4D33-A8C7-1684AC217D96}" = dir=out | app=c:\users\lola\andré\tmbot\tm.exe |
"{CEBB6059-DB34-4CBA-AAB4-5F61FA50C296}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{D203A10E-6ACE-493B-9E48-2E59D0D6025C}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{D5A4C2FF-4782-4019-9CB8-06360B079953}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{DA80FA97-1E61-4ED5-A821-09AE6A83DE86}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DC664095-EB23-4EB0-9F30-C09E620485A2}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{DE8DCE3A-6EF1-45C2-930E-7DD8AA35DBC1}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{E0C9009B-C19D-4B58-BD45-38E158FD1843}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{E17A3BBA-410F-43EF-91A9-0127FCDDD94C}" = dir=in | app=c:\users\lola\andré\bot\dj-browser.exe |
"{E24D4594-1816-4582-959B-54DB80B87679}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E26E1518-9C56-475D-A03B-E2A203ADE530}" = dir=in | app=c:\users\lola\andré\tmbot\dj-browser.exe |
"{EF18D3D4-228E-4B4E-8297-7877ABE4AEA6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FB335709-9B15-41D8-99EF-EC6AF21544D1}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{FC8B0B22-1C01-4BB8-8176-912917084F14}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{FC8D219E-A2BF-4BFF-952C-E545788C6D07}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{0D82AE47-7D1B-4C22-9A3A-B15251DED30A}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{4C98027F-9ACD-41E2-BE9C-1C0665F85CCC}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{5684C1F4-3636-4754-BF7F-45F665F76DA2}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{58C17E95-E894-42C8-82B9-B53C59E840F3}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{85CBE143-0C8F-43B5-B215-0F47891CBBF0}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{B4A31CA3-C3D1-4D86-BB7F-4AD4BD9B3415}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{E3903609-E225-44C1-BE7D-EEE4DE841C7C}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{EFF87D5C-4066-488C-A8E6-77B476D89CE6}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{0A4C4FC2-14B5-4BDC-BEF7-8FF9C2E28B5B}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{120978B6-C7D3-4E45-A41F-3944A5CD6C28}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{224DCD63-658D-42DF-8F36-6FB6DA9D236B}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{4472D1E0-5DC6-4567-BDB6-0C06D7345E28}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{666ED7F3-48F1-4638-97F7-8F9E7E5B495E}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{9DCEE5A3-F736-4D55-8956-9C9E8593ED0B}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{A46884C0-8080-43B8-8395-E20C5AFAC4E2}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{CB0A0CC8-088A-4875-B3EC-F604BCC3BF24}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22FB6750-ADDF-4726-B67F-6901E1991031}" = Nero 7 Essentials
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2C3CE8F0-F4AD-4D54-A520-975309C617E2}" = LG PC Suite III
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{56345504-DE57-4528-A18B-A567D1E52928}" = ArcSoft Magic-i Visual Effects
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5F12E9D1-402C-4672-86D7-52E86A3A1411}" = VAIO Content Importer VAIO Content Exporter
"{6110F38A-5BE6-4199-AC96-D2DD6B4A3ADE}" = VAIO Content Metadata Intelligent Analyzing Manager
"{638BAD93-701B-482A-86C6-72DFF3E6FE51}" =
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = VAIO Content Importer / VAIO Content Exporter
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-195C
"{6C1EC809-88C6-4111-A6E0-0C6E203B3818}" = VAIO Movie Story 1.3 Upgrade
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7C404084-C5A6-42FF-B731-0BAC79A6E134}" = VAIO Original Funktion Einstellungen
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95229EF6-F4A1-413A-BA50-668311FAFE19}" = VAIO Original Function Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}" = ArcSoft Magic-i Visual Effects Installer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AFBA0609-EB70-43CB-B11C-294EDADFA101}" =
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = v2011.build.44
"{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E4D96ABB-E0D8-4CA4-856E-A2703F5490F0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers
"{FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}" = VAIO Content Metadata Intelligent Analyzing Manager
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CANONBJ_Deinstall_CNMCP64.DLL" = Canon PIXMA iP4000
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"conduitEngine" = Conduit Engine
"Defraggler" = Defraggler
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"dt icon module" =
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"eBay HTML" =
"ENTERPRISE" = Microsoft Office Enterprise 2007
"fotokasten comfort_is1" = fotokasten comfort 4.2
"FotoQuelle Fotosoftware" = FotoQuelle Fotosoftware 4.11.0
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.9.721
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.1.715
"gtfirstboot Setting Request" =
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"IpodConverter_is1" = IpodConverter 1.1
"LTspice IV" = LTspice IV
"Medion GoPal Assistant" = Medion GoPal Assistant 4.00.0003
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"MP3-Cutter" = MP3-Cutter
"PokerStars" = PokerStars
"Rainbow Client Activator 2.2 English" = Client Activator 2.2 - English
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.9.1
"VAIO Help and Support" =
"VAIO MFU Module" =
"VAIO Xblack Contents" = VAIO Xblack Contents
"VLC media player" = VLC media player 1.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22.01.2012 17:31:11 | Computer Name = Lola-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung 40rble00.exe, Version 1.0.15.15641, Zeitstempel
0x4e21f2b1, fehlerhaftes Modul 40rble00.exe, Version 1.0.15.15641, Zeitstempel
0x4e21f2b1, Ausnahmecode 0xc0000005, Fehleroffset 0x0000c676, Prozess-ID 0x66c, Anwendungsstartzeit
01ccd94cf21948fd.
Error - 22.01.2012 17:32:07 | Computer Name = Lola-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung 40rble00.exe, Version 1.0.15.15641, Zeitstempel
0x4e21f2b1, fehlerhaftes Modul 40rble00.exe, Version 1.0.15.15641, Zeitstempel
0x4e21f2b1, Ausnahmecode 0xc0000005, Fehleroffset 0x0000c676, Prozess-ID 0x5d8, Anwendungsstartzeit
01ccd94d2d7f187d.
Error - 22.01.2012 17:43:48 | Computer Name = Lola-PC | Source = System Restore | ID = 8193
Description =
Error - 23.01.2012 11:08:00 | Computer Name = Lola-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung 40rble00.exe, Version 1.0.15.15641, Zeitstempel
0x4e21f2b1, fehlerhaftes Modul 40rble00.exe, Version 1.0.15.15641, Zeitstempel
0x4e21f2b1, Ausnahmecode 0xc0000005, Fehleroffset 0x0000c676, Prozess-ID 0xdb8, Anwendungsstartzeit
01ccd9e07275184f.
Error - 24.01.2012 17:15:03 | Computer Name = Lola-PC | Source = VSS | ID = 8194
Description =
Error - 24.01.2012 17:36:38 | Computer Name = Lola-PC | Source = EventSystem | ID = 4609
Description =
Error - 24.01.2012 17:40:24 | Computer Name = Lola-PC | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF11 Description:Can’t install Microsoft Security Essentials
on a computer running in safe mode. Your computer is currently running in safe
mode. To install Security Essentials, your computer must be running in normal mode.
Please restart your computer in normal mode, and then try to run the Security Essentials
Setup Wizard again. Error code:0x8004FF11.
Error - 24.01.2012 17:40:38 | Computer Name = Lola-PC | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description =
Error - 25.01.2012 11:36:09 | Computer Name = Lola-PC | Source = EventSystem | ID = 4609
Description =
Error - 25.01.2012 11:46:02 | Computer Name = Lola-PC | Source = System Restore | ID = 8193
Description =
[ Media Center Events ]
Error - 23.09.2009 07:42:28 | Computer Name = Lola-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
--- --- --- |
