Trojaner-Board (https://www.trojaner-board.de/) > Log Analysis and Evaluation (https://www.trojaner-board.de/log-analyse-auswertung/) > Hard drive damaged, data gone (https://www.trojaner-board.de/100247-festplatte-beschaedigt-daten-dahin.html)

problem00 12.06.2011 14:47

Hard drive damaged, data gone

Hello!

My problem has already been dealt with here once before: http://www.trojaner-board.de/99162-t...e-dateien.html
It happened in a similar way: when starting the computer, the error message "Hard drive damaged" and so on suddenly appeared, the laptop crashed, and then the data was gone. The internet works, but everything else is gone.

To be on the safe side, I haven't taken any action so far.

With a big request that someone take on my data disaster, I thank you in advance!!!
Kind regards

markusg 12.06.2011 15:40

hi, take a deep breath, nothing is gone, everything is intact :-)
System scan with OTL
Download OTL:
http://filepony.de/download-otl/

Double-click OTL.exe
(Windows 7 and Vista users: right-click, Run as administrator)
1. At the top you will find a box labelled Output. Please select Minimal Output
2. Tick "Scan all users"
3. Under "Extra Registry" select:
"Use SafeList", "LOP Check", "Purity Check"
4. Copy into the text box:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Click "Scan"
6. Two reports will be created:
OTL.Txt
Extras.Txt
post both
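The scan above produces a plain-text report with one entry per line (running processes as "PRC - path (company)", autostart keys as "O4 - key: [name] path (company)", AutoRun handlers as "O33 - MountPoints2\..."). The following script is an added example, not from this thread and not part of OTL or the Trojaner-Board helpers' tooling: it parses lines in that format and applies a few triage heuristics that helpers typically read such logs for (binaries in user-writable locations, missing company names, a Microsoft vendor string on a file outside Windows/Program Files, numeric-only filenames, and AutoRun handlers registered for removable volumes). The sample lines are constructed to mirror OTL's output format, with a placeholder user name "User"; the regexes and heuristics are my own assumptions about the format, not OTL's specification.

```python
import re
from typing import Dict, List

# Constructed sample in OTL's line format (not copied from any real system).
SAMPLE_LOG = r"""
PRC - C:\Users\User\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\36429560.exe (Microsoft Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\User\AppData\Roaming\Microsoft\Windows\twkpxev.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ECXHYIMSihMUVK] C:\ProgramData\ECXHYIMSihMUVK.exe (Microsoft Corporation)
O4 - HKCU..\Run: [GabPath] C:\Users\User\AppData\Roaming\GabPath\gabpath.exe ()
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
"""

# Assumed line shapes (derived from how OTL prints these sections).
PRC_RE = re.compile(r"^PRC - (?P<path>.+) \((?P<company>[^()]*)\)$")
O4_RE = re.compile(r"^O4 - (?P<key>.+?): \[(?P<name>[^\]]*)\]\s+(?P<path>.+) \((?P<company>[^()]*)\)$")
O33_RE = re.compile(r'^O33 - MountPoints2\\(?P<vol>[^\\]+)\\Shell\\AutoRun\\command - "" = (?P<cmd>.+)$')

# Locations a standard user can write to; legitimate per-user installs also land here,
# so a hit is a reason to look closer, not a verdict.
USER_WRITABLE_RE = re.compile(r"\\(ProgramData|AppData\\Roaming|AppData\\Local\\Temp)\\", re.IGNORECASE)
# Where Microsoft-attributed binaries are expected to live ("Programme" is the localized
# German display name of Program Files, as seen in OTL output on German systems).
SYSTEM_DIRS_RE = re.compile(r"^[A-Za-z]:\\(Windows|Program Files( \(x86\))?|Programme)\\", re.IGNORECASE)


def check_binary(path: str, company: str) -> List[str]:
    """Return the list of heuristic reasons why this path/company pair looks odd."""
    reasons: List[str] = []
    filename = path.rsplit("\\", 1)[-1]
    stem = filename.rsplit(".", 1)[0]
    company = company.strip()
    if USER_WRITABLE_RE.search(path):
        reasons.append("binary in user-writable location")
    if not company:
        reasons.append("no company name (no version resource)")
    if company.lower().startswith("microsoft") and not SYSTEM_DIRS_RE.match(path):
        reasons.append("claims Microsoft but lives outside Windows/Program Files")
    if stem.isdigit():
        reasons.append("numeric-only filename")
    return reasons


def triage(log_text: str) -> List[Dict[str, object]]:
    """Scan OTL-format lines and collect entries that trip at least one heuristic."""
    findings: List[Dict[str, object]] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = PRC_RE.match(line) or O4_RE.match(line)
        if m:
            reasons = check_binary(m.group("path"), m.group("company"))
            if reasons:
                findings.append({"line": line, "path": m.group("path"), "reasons": reasons})
            continue
        m = O33_RE.match(line)
        if m:
            # An AutoRun command bound to a drive letter is the classic removable-media vector.
            findings.append({"line": line, "path": m.group("cmd"),
                             "reasons": [f"AutoRun command registered for volume {m.group('vol')}"]})
    return findings


def report(findings: List[Dict[str, object]]) -> str:
    """Render findings as a short human-readable list for a forum reply."""
    out = []
    for f in findings:
        out.append(f"{f['path']}\n    - " + "\n    - ".join(f["reasons"]))
    return "\n".join(out)


if __name__ == "__main__":
    print(report(triage(SAMPLE_LOG)))
```

On the constructed sample this flags the two ProgramData executables, the two unattributed files under AppData\Roaming, and the E:\AutoRun.exe handler, while leaving OTL.exe, Firefox, and Windows Defender untouched. Treat the output as a reading aid: a per-user installer such as a cloud-sync client will also show up under AppData\Roaming, so each hit still needs the file's hash, signature and age checked before deciding anything.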

problem00 12.06.2011 19:11

Many thanks for the quick reply!

OTL Logfile:
Code:

OTL logfile created on: 11.06.2011 22:36:09 - Run 1
OTL by OldTimer - Version 3.2.24.0    Folder = C:\Users\Claudia\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 40,22% Memory free
6,08 Gb Paging File | 4,25 Gb Available in Paging File | 69,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 140,17 Gb Free Space | 62,89% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BERND-PC | User Name: Claudia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Claudia\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\36429560.exe (Microsoft Corporation)
PRC - C:\ProgramData\ECXHYIMSihMUVK.exe (Microsoft Corporation)
PRC - C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Programme\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe (SPAMfighter ApS)
PRC - C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\twkpxev.exe ()
PRC - C:\Users\Claudia\AppData\Roaming\GabPath\gabpath.exe ()
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Duden\Duden Korrektor\DKTray.exe (Expert System S.p.A.)
PRC - C:\Programme\Duden\Duden-Bibliothek\dudenbib.exe (Bibliographisches Institut GmbH)
PRC - C:\Programme\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe (Symantec Corporation)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Windows\System32\HPSIsvc.exe (HP)
PRC - C:\Programme\GMX\LiveUpdate\m2LUTray.exe ()
PRC - C:\Programme\HP\HPLaserJetService\HPLaserJetService.exe (HP)
PRC - C:\Users\Claudia\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\eMachines\eMachines Power Management\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\eMachines\eMachines Power Management\ePowerEvent.exe (Acer Incorporated)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\WerFault.exe (Microsoft Corporation)
PRC - C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
PRC - C:\Programme\Common Files\Teleca Shared\Generic.exe (Teleca AB)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Claudia\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Norton Internet Security\Engine\17.8.0.5\asoehook.dll (Symantec Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\Norton Internet Security\Engine\17.8.0.5\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation)
MOD - C:\Programme\Norton Internet Security\Engine\17.8.0.5\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation)
MOD - C:\Programme\eMachines\eMachines Power Management\SysHook.dll (Acer Incorporated)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe (Symantec Corporation)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (HPSIService) -- C:\Windows\System32\HPSIsvc.exe (HP)
SRV - (HP LaserJet Service) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe (HP)
SRV - (ePowerSvc) -- C:\Programme\eMachines\eMachines Power Management\ePowerSvc.exe (Acer Incorporated)
SRV - (GameConsoleService) -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100901.003\BHDrvx86.sys (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100914.003\IDSvix86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1108000.005\SYMTDIV.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1108000.005\Ironx86.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1108000.005\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1108000.005\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1108000.005\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1108000.005\ccHPx86.sys (Symantec Corporation)
DRV - (mvusbews) -- C:\Windows\System32\drivers\mvusbews.sys (Marvell Semiconductor, Inc.)
DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1108000.005\SYMDS.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C60x86.sys (Atheros Communications, Inc.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (s716unic) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM) -- C:\Windows\System32\drivers\s716unic.sys (MCCI Corporation)
DRV - (s716obex) -- C:\Windows\System32\drivers\s716obex.sys (MCCI Corporation)
DRV - (s716nd5) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS) -- C:\Windows\System32\drivers\s716nd5.sys (MCCI Corporation)
DRV - (s716mdm) -- C:\Windows\System32\drivers\s716mdm.sys (MCCI Corporation)
DRV - (s716mgmt) Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s716mgmt.sys (MCCI Corporation)
DRV - (s716mdfl) -- C:\Windows\System32\drivers\s716mdfl.sys (MCCI Corporation)
DRV - (s716bus) Sony Ericsson Device 716 driver (WDM) -- C:\Windows\System32\drivers\s716bus.sys (MCCI Corporation)
DRV - (DritekPortIO) -- C:\Programme\Launch Manager\DPortIO.sys (Dritek System Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0c07&s=2&o=vp32&d=0609&m=g725
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=0e4a8b2100000000000000235ad72633&tlver=1.4.19.19&ss=1&affID=17395
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0c07&s=2&o=vp32&d=0609&m=g725
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.tangotoolbar.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.order.2: "amazon.de"
FF - prefs.js..browser.search.order.3: "1und1 Suche"
FF - prefs.js..browser.search.order.4: "amazon.de"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=0e4a8b2100000000000000235ad72633&tlver=1.4.19.19&ss=1&affID=17395"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {C473DC2B-895F-4E11-B8BF-FF28DFD62829}:1.7.3
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {25AAD618-76C8-4E6A-9768-8320705379EC}:1.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.3.3.2
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=FWV5&o=14197&locale=de_US&apn_uid=DDC4F023-98D7-4B1F-8799-68F8DEFD98C6&apn_ptnrs=FN&apn_sauid=DD386C25-B35F-4986-BD74-00EA7016BA33&apn_dtid=TES002YYAT&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010.05.29 12:23:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010.01.28 00:47:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}: C:\Users\Claudia\AppData\Roaming\Mozilla\FireFox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66} [2011.06.11 16:19:29 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.19 11:34:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.19 11:34:21 | 000,000,000 | ---D | M]
 
[2010.01.23 12:20:28 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Claudia\AppData\Roaming\mozilla\Extensions
[2011.06.11 15:14:57 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Claudia\AppData\Roaming\mozilla\Firefox\Profiles\glc5dc9v.default\extensions
[2011.06.11 16:19:28 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Claudia\AppData\Roaming\mozilla\Firefox\Profiles\glc5dc9v.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.11 16:19:28 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Claudia\AppData\Roaming\mozilla\Firefox\Profiles\glc5dc9v.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.06.11 16:19:29 | 000,000,000 | -H-D | M] (Update Notifier) -- C:\Users\Claudia\AppData\Roaming\mozilla\Firefox\Profiles\glc5dc9v.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2011.06.11 16:19:29 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Claudia\AppData\Roaming\mozilla\Firefox\Profiles\glc5dc9v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.06.11 16:19:29 | 000,000,000 | -H-D | M] (softonic-de3 Community Toolbar) -- C:\Users\Claudia\AppData\Roaming\mozilla\Firefox\Profiles\glc5dc9v.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.06.11 16:19:29 | 000,000,000 | -H-D | M] (DVDVideoSoft Toolbar) -- C:\Users\Claudia\AppData\Roaming\mozilla\Firefox\Profiles\glc5dc9v.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2011.06.11 16:19:27 | 000,000,000 | -H-D | M] (Conduit Engine) -- C:\Users\Claudia\AppData\Roaming\mozilla\Firefox\Profiles\glc5dc9v.default\extensions\engine@conduit.com
[2011.06.11 16:19:27 | 000,000,000 | -H-D | M] (Plasmoo Search Engine) -- C:\Users\Claudia\AppData\Roaming\mozilla\Firefox\Profiles\glc5dc9v.default\extensions\engine@plasmoo.com
[2011.06.11 15:15:05 | 000,000,000 | -H-D | M] (Babylon) -- C:\Users\Claudia\AppData\Roaming\mozilla\Firefox\Profiles\glc5dc9v.default\extensions\ffxtlbr@babylon.com
[2011.06.11 16:19:27 | 000,000,000 | -H-D | M] (Ask Toolbar) -- C:\Users\Claudia\AppData\Roaming\mozilla\Firefox\Profiles\glc5dc9v.default\extensions\toolbar@ask.com
[2010.01.23 16:21:02 | 000,005,591 | -H-- | M] () -- C:\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\glc5dc9v.default\searchplugins\1und1-suche.xml
[2010.01.23 16:20:58 | 000,001,371 | -H-- | M] () -- C:\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\glc5dc9v.default\searchplugins\amazonde.xml
[2011.06.10 09:10:08 | 000,002,396 | -H-- | M] () -- C:\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\glc5dc9v.default\searchplugins\askcom.xml
[2010.12.08 16:47:52 | 000,000,927 | -H-- | M] () -- C:\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\glc5dc9v.default\searchplugins\conduit.xml
[2011.04.28 19:42:58 | 000,001,975 | -H-- | M] () -- C:\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\glc5dc9v.default\searchplugins\plasmoo.xml
[2011.06.10 11:18:07 | 000,001,418 | -H-- | M] () -- C:\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\glc5dc9v.default\searchplugins\preisvergleich.xml
[2010.01.23 16:20:59 | 000,005,588 | -H-- | M] () -- C:\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\glc5dc9v.default\searchplugins\webde-suche.xml
[2011.04.22 08:14:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.05.10 17:20:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.28 15:52:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.19 11:34:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2011.04.19 11:34:23 | 000,000,000 | ---D | M] (GMX Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net
File not found (No name found) --
[2010.05.10 17:20:20 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.28 15:52:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.05.29 12:23:55 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPLGN
() (No name found) -- C:\USERS\CLAUDIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GLC5DC9V.DEFAULT\EXTENSIONS\{C473DC2B-895F-4E11-B8BF-FF28DFD62829}.XPI
() (No name found) -- C:\USERS\CLAUDIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GLC5DC9V.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI
[2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.06.11 15:15:16 | 000,002,428 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\17.8.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Tango) - {DE56DA9B-7965-44B3-9386-7C2F2D23F26A} -  File not found
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Tango) - {DE56DA9A-7965-44B3-9386-7C2F2D23F26A} -  File not found
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Tango) - {DE56DA9A-7965-44B3-9386-7C2F2D23F26A} -  File not found
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [GMX Update] C:\Programme\GMX\LiveUpdate\m2LUTray.exe ()
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\eMachines\WR_PopUp\WarReg_PopUp.exe (eMachines)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Duden Korrektor SysTray] C:\Programme\Duden\Duden Korrektor\DKTray.exe (Expert System S.p.A.)
O4 - HKCU..\Run: [ECXHYIMSihMUVK] C:\ProgramData\ECXHYIMSihMUVK.exe (Microsoft Corporation)
O4 - HKCU..\Run: [GabPath] C:\Users\Claudia\AppData\Roaming\GabPath\gabpath.exe ()
O4 - HKCU..\Run: [hvhlcGymBdBoPf2jvFT] C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\twkpxev.exe ()
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Claudia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Claudia\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Claudia\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Claudia\Pictures\henrietta300.jpg
O24 - Desktop BackupWallPaper: C:\Users\Claudia\Pictures\henrietta300.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4ab9a173-7bd4-11de-a0c1-00235ad72633}\Shell - "" = AutoRun
O33 - MountPoints2\{4ab9a173-7bd4-11de-a0c1-00235ad72633}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4ab9a187-7bd4-11de-a0c1-00235ad72633}\Shell - "" = AutoRun
O33 - MountPoints2\{4ab9a187-7bd4-11de-a0c1-00235ad72633}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a41ada2d-88db-11de-bbc1-00235ad72633}\Shell - "" = AutoRun
O33 - MountPoints2\{a41ada2d-88db-11de-bbc1-00235ad72633}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{fd9b9402-80ab-11de-94a7-00235ad72633}\Shell - "" = AutoRun
O33 - MountPoints2\{fd9b9402-80ab-11de-94a7-00235ad72633}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.11 21:32:08 | 000,000,000 | -H-D | C] -- C:\Users\Claudia\AppData\Roaming\Malwarebytes
[2011.06.11 21:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.11 21:31:32 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.06.11 21:31:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes
[2011.06.11 21:31:23 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.06.11 21:16:20 | 000,000,000 | -H-D | C] -- C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ToolHouse
[2011.06.11 21:16:08 | 000,000,000 | ---D | C] -- C:\Programme\toolstarFRPRO DEMO
[2011.06.11 18:25:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\TuneUp Software
[2011.06.11 18:25:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.06.11 15:30:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\SweetIM
[2011.06.11 15:30:06 | 000,000,000 | ---D | C] -- C:\Programme\SweetIM
[2011.06.11 15:29:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Data Recovery Wizard 5.0.1 Demo
[2011.06.11 15:29:37 | 000,000,000 | ---D | C] -- C:\Programme\EASEUS
[2011.06.11 15:28:49 | 003,856,864 | -H-- | C] (EASEUS                                                      ) -- C:\Users\Claudia\Desktop\EaseusDataRecoveryWizard5.0.1.exe
[2011.06.11 15:21:52 | 000,000,000 | -H-D | C] -- C:\Users\Claudia\AppData\Roaming\Uniblue
[2011.06.11 15:21:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011.06.11 15:21:45 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2011.06.11 15:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011.06.11 15:14:54 | 000,000,000 | ---D | C] -- C:\Programme\BabylonToolbar
[2011.06.11 15:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2011.06.11 15:14:42 | 000,000,000 | ---D | C] -- C:\Programme\Recuva
[2011.06.11 15:13:15 | 002,451,576 | -H-- | C] (Piriform Ltd) -- C:\Users\Claudia\Desktop\rcsetup1.40.525.exe
[2011.06.11 09:54:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\WindowsSearch
[2011.06.11 09:13:04 | 000,000,000 | -H-D | C] -- C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Restore
[2011.06.11 09:12:49 | 000,379,904 | -H-- | C] (Microsoft Corporation) -- C:\ProgramData\36429560.exe
[2011.06.11 09:03:44 | 000,477,184 | -H-- | C] (Microsoft Corporation) -- C:\ProgramData\ECXHYIMSihMUVK.exe
[2011.06.04 21:14:55 | 000,000,000 | -H-D | C] -- C:\Users\Claudia\Desktop\et nytt barn
[2011.06.01 07:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.05.30 20:29:47 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Plasmoo
[2011.05.30 20:29:23 | 000,000,000 | -H-D | C] -- C:\Users\Claudia\AppData\Roaming\DVDVideoSoft
[2011.05.28 14:16:45 | 000,000,000 | -H-D | C] -- C:\Users\Claudia\AppData\Roaming\go
[2011.05.28 14:16:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\Easybits GO
[2010.08.25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.11 22:40:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.11 22:32:38 | 000,000,000 | ---- | M] () -- C:\Users\Claudia\defogger_reenable
[2011.06.11 22:00:32 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.11 22:00:32 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter-Claudia-Startup.job
[2011.06.11 22:00:32 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011.06.11 22:00:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.11 22:00:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.11 22:00:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.11 22:00:07 | 3147,800,576 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.11 21:26:40 | 000,000,680 | -H-- | M] () -- C:\Users\Claudia\AppData\Local\d3d9caps.dat
[2011.06.11 21:16:20 | 000,001,948 | -H-- | M] () -- C:\Users\Claudia\Desktop\file-recovery-professional DEMO.lnk
[2011.06.11 21:13:58 | 008,349,872 | -H-- | M] () -- C:\Users\Claudia\Desktop\FRCDEM.zip
[2011.06.11 15:28:52 | 003,856,864 | -H-- | M] (EASEUS                                                      ) -- C:\Users\Claudia\Desktop\EaseusDataRecoveryWizard5.0.1.exe
[2011.06.11 15:21:46 | 000,001,593 | -H-- | M] () -- C:\Users\Claudia\Desktop\Uniblue RegistryBooster.lnk
[2011.06.11 15:13:18 | 002,451,576 | -H-- | M] (Piriform Ltd) -- C:\Users\Claudia\Desktop\rcsetup1.40.525.exe
[2011.06.11 09:13:13 | 000,000,595 | -H-- | M] () -- C:\Users\Claudia\Desktop\Windows Vista Restore.lnk
[2011.06.11 09:13:06 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~36429560r
[2011.06.11 09:13:06 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~36429560
[2011.06.11 09:12:55 | 000,000,336 | -H-- | M] () -- C:\ProgramData\36429560
[2011.06.11 09:12:50 | 000,379,904 | -H-- | M] (Microsoft Corporation) -- C:\ProgramData\36429560.exe
[2011.06.11 09:03:41 | 000,477,184 | -H-- | M] (Microsoft Corporation) -- C:\ProgramData\ECXHYIMSihMUVK.exe
[2011.06.10 18:43:15 | 000,000,478 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Claudia.job
[2011.06.09 10:17:41 | 000,633,580 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.09 10:17:41 | 000,600,138 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.09 10:17:41 | 000,128,990 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.09 10:17:41 | 000,106,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.06 01:06:07 | 000,646,087 | -H-- | M] () -- C:\Users\Claudia\Documents\Bild 9.png
[2011.06.06 00:53:39 | 000,496,764 | -H-- | M] () -- C:\Users\Claudia\Documents\Bild 8.png
[2011.06.06 00:52:42 | 000,616,400 | -H-- | M] () -- C:\Users\Claudia\Documents\Bild 6.png
[2011.06.06 00:47:23 | 000,607,541 | -H-- | M] () -- C:\Users\Claudia\Documents\Bild 5.png
[2011.06.06 00:45:31 | 000,596,806 | -H-- | M] () -- C:\Users\Claudia\Documents\Bild 2.png
[2011.06.06 00:41:08 | 000,204,817 | -H-- | M] () -- C:\Users\Claudia\Documents\Bild 1.png
[2011.05.30 20:30:43 | 000,001,034 | -H-- | M] () -- C:\Users\Claudia\Desktop\DVDVideoSoft Free Studio.lnk
[2011.05.30 07:01:47 | 000,000,907 | -H-- | M] () -- C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011.05.30 07:01:46 | 000,000,927 | -H-- | M] () -- C:\Users\Claudia\Desktop\Dropbox.lnk
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.27 10:41:40 | 000,001,392 | -H-- | M] () -- C:\Users\Claudia\AppData\Roaming\wklnhst.dat
[2011.05.23 11:35:44 | 001,567,497 | -H-- | M] () -- C:\Users\Claudia\Documents\leksjon 14-2.wma
[2011.05.23 11:32:53 | 007,444,907 | -H-- | M] () -- C:\Users\Claudia\Documents\leksjon 14.wma
[2011.05.21 17:34:05 | 000,077,224 | -H-- | M] () -- C:\ProgramData\dudenbib.wav
 
========== Files Created - No Company Name ==========
 
[2011.06.11 22:32:38 | 000,000,000 | ---- | C] () -- C:\Users\Claudia\defogger_reenable
[2011.06.11 21:16:20 | 000,001,948 | -H-- | C] () -- C:\Users\Claudia\Desktop\file-recovery-professional DEMO.lnk
[2011.06.11 21:13:51 | 008,349,872 | -H-- | C] () -- C:\Users\Claudia\Desktop\FRCDEM.zip
[2011.06.11 15:21:56 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2011.06.11 15:21:46 | 000,001,593 | -H-- | C] () -- C:\Users\Claudia\Desktop\Uniblue RegistryBooster.lnk
[2011.06.11 09:13:11 | 000,000,595 | -H-- | C] () -- C:\Users\Claudia\Desktop\Windows Vista Restore.lnk
[2011.06.11 09:13:06 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~36429560r
[2011.06.11 09:13:05 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~36429560
[2011.06.11 09:12:55 | 000,000,336 | -H-- | C] () -- C:\ProgramData\36429560
[2011.06.06 01:06:04 | 000,646,087 | -H-- | C] () -- C:\Users\Claudia\Documents\Bild 9.png
[2011.06.06 00:53:37 | 000,496,764 | -H-- | C] () -- C:\Users\Claudia\Documents\Bild 8.png
[2011.06.06 00:52:39 | 000,616,400 | -H-- | C] () -- C:\Users\Claudia\Documents\Bild 6.png
[2011.06.06 00:47:20 | 000,607,541 | -H-- | C] () -- C:\Users\Claudia\Documents\Bild 5.png
[2011.06.06 00:45:28 | 000,596,806 | -H-- | C] () -- C:\Users\Claudia\Documents\Bild 2.png
[2011.06.06 00:41:06 | 000,204,817 | -H-- | C] () -- C:\Users\Claudia\Documents\Bild 1.png
[2011.05.28 14:16:46 | 000,001,587 | -H-- | C] () -- C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk
[2011.05.23 11:35:44 | 001,567,497 | -H-- | C] () -- C:\Users\Claudia\Documents\leksjon 14-2.wma
[2011.05.23 11:32:53 | 007,444,907 | -H-- | C] () -- C:\Users\Claudia\Documents\leksjon 14.wma
[2011.03.20 11:16:28 | 000,028,672 | -H-- | C] () -- C:\Windows\System32\wshqos32.dll
[2011.01.18 20:38:37 | 000,001,940 | -H-- | C] () -- C:\Users\Claudia\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010.12.15 21:26:48 | 000,000,783 | -H-- | C] () -- C:\Windows\NTIWVEDT.INI
[2010.10.05 18:59:20 | 001,265,664 | -H-- | C] () -- C:\Windows\System32\HPM1210SM.exe
[2010.10.05 18:59:19 | 000,163,840 | -H-- | C] () -- C:\Windows\System32\HPM1210LM.DLL
[2010.10.05 18:56:59 | 000,284,160 | -H-- | C] () -- C:\Windows\System32\mvhlewsi.dll
[2010.10.05 18:56:57 | 000,081,920 | ---- | C] () -- C:\Windows\System32\mvusbews.dll
[2010.10.05 18:56:56 | 000,167,936 | ---- | C] () -- C:\Windows\System32\m1130wia.dll
[2010.10.05 18:56:56 | 000,053,760 | -H-- | C] () -- C:\Windows\System32\HPM1210SMs.dll
[2010.09.09 13:34:07 | 000,077,224 | -H-- | C] () -- C:\ProgramData\dudenbib.wav
[2010.08.25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.08.25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.08.25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.08.25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010.08.25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010.08.25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010.05.06 19:41:17 | 000,000,680 | -H-- | C] () -- C:\Users\Claudia\AppData\Local\d3d9caps.dat
[2009.08.31 22:15:04 | 000,000,130 | -H-- | C] () -- C:\Windows\wininit.ini
[2009.08.19 17:59:46 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.12 16:28:30 | 000,053,478 | -H-- | C] () -- C:\Windows\mvtcpui.ini
[2009.08.03 15:07:42 | 000,403,816 | -H-- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | -H-- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.08.02 16:37:51 | 000,048,640 | -H-- | C] () -- C:\Users\Claudia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.29 16:13:06 | 000,284,160 | -H-- | C] () -- C:\Windows\unin0407.exe
[2009.07.28 19:44:11 | 000,001,392 | -H-- | C] () -- C:\Users\Claudia\AppData\Roaming\wklnhst.dat
[2009.06.22 12:47:56 | 000,626,688 | -H-- | C] () -- C:\Windows\Image.dll
[2009.06.22 12:47:56 | 000,009,216 | -H-- | C] () -- C:\Windows\usbvideo_reg.exe
[2009.06.22 12:47:56 | 000,000,036 | -H-- | C] () -- C:\Windows\PidList.ini
[2009.04.07 06:32:10 | 000,022,723 | -H-- | C] () -- C:\Windows\System32\cl31cl3.dll
[2009.03.04 03:48:30 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1591.dll
[2009.03.04 03:48:30 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2009.03.03 20:44:54 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2009.03.03 20:44:54 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009.03.03 20:44:54 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009.03.03 20:44:54 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009.03.03 19:33:45 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.03.03 19:33:45 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.01.21 09:15:58 | 000,633,580 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,128,990 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,546,552 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,600,138 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,106,014 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >

--- --- ---

Extras
OTL Logfile:
Code:

OTL Extras logfile created on: 11.06.2011 22:36:09 - Run 1
OTL by OldTimer - Version 3.2.24.0    Folder = C:\Users\Claudia\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 40,22% Memory free
6,08 Gb Paging File | 4,25 Gb Available in Paging File | 69,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 140,17 Gb Free Space | 62,89% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BERND-PC | User Name: Claudia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C4EED7-A279-462F-BBA7-D2D8BD5046D4}" = lport=137 | protocol=17 | dir=in | app=system |
"{14C88765-7B51-416D-AB99-3478F5F94196}" = lport=2869 | protocol=6 | dir=in | app=system |
"{24DFA3E5-3B50-4014-95E2-148BDB6AA210}" = lport=445 | protocol=6 | dir=in | app=system |
"{2F669F43-4395-4434-830C-5FDBCDCBEF67}" = lport=138 | protocol=17 | dir=in | app=system |
"{4B95E661-DB88-459E-8637-281C836D5085}" = lport=139 | protocol=6 | dir=in | app=system |
"{73B46C02-BD2C-45E2-80DD-1F64DC997D12}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{76D4A6E2-FC47-473F-8F6F-A39963524580}" = rport=445 | protocol=6 | dir=out | app=system |
"{7AF1F616-5C39-4E1E-A676-1840CC3EA173}" = rport=137 | protocol=17 | dir=out | app=system |
"{7B3F1052-8DA9-4CED-B9A3-BDDF3D56513D}" = rport=139 | protocol=6 | dir=out | app=system |
"{890A6878-33A4-48DF-AA6F-6EDC2A25F34F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ADF3C647-AD9F-4D42-A60E-5ED9B9D64A87}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C9269BC0-DEB7-40BF-B21B-C68B22510B2A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D7CC5BD1-7369-4016-B23E-3295BA1BF60C}" = rport=138 | protocol=17 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07FB16ED-34E8-419D-9B79-37ACEE5F16E9}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{0FB12408-EB6E-4B22-A547-1DC3C59EC289}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1694CD1C-1C3A-4CBF-85C8-28504BA0738A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{183A199C-B066-4DC9-A7C1-461C4F089979}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{1A279C8B-C746-48D6-8A7D-67D1CF91BB48}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1AD1BE97-D5B8-4BCA-B7B3-02512A902298}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21E35137-45B6-4179-99BF-C14FD554F60F}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{37E9EE39-845F-48FE-85E1-13B7114B4F9E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3E1ADA80-FA43-4A96-A43C-F53305971AD6}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{431F9983-F99D-4659-99BD-C719F9D0120D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{635F64AC-869A-4DBE-BF98-91BFFEDE5560}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6EC031C4-A9F6-4018-8994-A93A8DDD11D7}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{6ED179EE-D58F-4424-8038-F6FCE7ACBE5C}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{7BCAA46F-6714-4FD4-BB58-4A5729EA1B54}" = protocol=17 | dir=in | app=c:\users\claudia\appdata\roaming\dropbox\bin\dropbox.exe |
"{91138D45-7AF2-4FE7-A974-58891B5030E2}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{AC1BB519-EE2F-46A0-B82C-6AC9D445576B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AC361D2D-A251-4014-AB62-2CC3EE44B01E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AF1237AD-20ED-43DD-9793-CF0422933901}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B93E3D27-F981-4CDB-8288-0373491B2B36}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{CF749757-C9FD-4830-B3FD-32E5672051C1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1C45A15-3F70-49ED-BC82-DA11F735346F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{DE18BB14-DF89-4FC2-86BB-6D696EF2EAFD}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{EE11C9E1-83BB-49B7-B25A-125E062DC960}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FD84BF63-CC78-4A4C-9FDD-D9331F47B6AD}" = protocol=6 | dir=in | app=c:\users\claudia\appdata\roaming\dropbox\bin\dropbox.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppM1130M1210SeriesLaserJetService
"{0F5C38CB-DCA7-44E0-A654-26121331557A}" = GMX Update
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15F02176-0D12-4FAF-B2CD-2767C7781427}" = Google SketchUp 8
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B77BC7B-4538-4652-AF33-C201F21BF8F2}" = toolstar* file recovery professional DEMO
"{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = eMachines Power Management
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4F45EE37-41B8-4228-A0BC-D7633632D692}" = Duden Korrektor kompakt
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5AF27589-0FA3-4BB0-8609-8F0135B1D9F6}" = Firefox 3.6 GMX Edition
"{5CC68528-24FF-4DF8-91C9-AF540F98505A}" = Sony Ericsson Drivers
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{867F5501-F8EF-4542-9D68-310A238A15FF}" = SLOW-PCfighter
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Video Web Camera
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{B192E1BB-98A4-4369-9271-96117A57F546}" = Sony Ericsson PC Suite
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B435AE22-F62A-4402-A4E5-E612631B92C9}" = OnlineLive
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BF67F764-95B6-4360-BB57-B2E5AA6C814B}" = SweetIM Toolbar for Internet Explorer 4.0
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}" = hppusgM1130M1210Series
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DE56DA9A-7965-44B3-9386-7C2F2D23F26A}" = Tango
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E7310F2E-C551-4FAB-BA07-EAC2E158B1BB}" = IKEA Home Planner
"{E8A34AC8-0137-4515-A94B-0A0946DDC251}" = Scan To
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"3DataManager" = Mein 3DataManager
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BabylonToolbar" = Babylon toolbar
"conduitEngine" = Conduit Engine
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EASEUS Data Recovery Wizard 5.0.1 Demo_is1" = EASEUS Data Recovery Wizard 5.0.1 Demo
"eMachines Screensaver" = eMachines ScreenSaver
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Firefox 3.6 GMX Edition" = Firefox 3.6 GMX Edition
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Studio_is1" = Free Studio version 5.0.9
"Free YouTube Download_is1" = Free YouTube Download 2.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.31
"FrostWire" = FrostWire 4.21.3
"GMX Update" = GMX Update
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"NIS" = Norton Internet Security
"NSS" = Norton Security Scan
"Recuva" = Recuva
"ResultTool" = ResultTool 1.0 build 139 powered by FIRST SEARCHBAR
"SLOW-PCfighter" = SLOW-PCfighter
"SMPlayer" = SMPlayer 0.6.8
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Print Shop Premier Edition 5.0" = Print Shop Premier 5.0
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Uninstall_is1" = Uninstall 1.0.0.1
"WildTangent emachines Master Uninstall" = eMachines Games
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"GabPath" = GabPath
"Game Organizer" = EasyBits GO
"Heinzelnisse" = Heinzelnisse
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.02.2011 04:47:26 | Computer Name = Bernd-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 16.02.2011 04:48:22 | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung epmworker.exe, Version 1.2.0.1234, Zeitstempel
 0x46273629, fehlerhaftes Modul epmworker.exe, Version 1.2.0.1234, Zeitstempel 0x46273629,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00026f6a,  Prozess-ID 0x14c, Anwendungsstartzeit
 01cbcdb641d74348.
 
Error - 16.02.2011 09:32:52 | Computer Name = Bernd-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 16.02.2011 09:34:34 | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung epmworker.exe, Version 1.2.0.1234, Zeitstempel
 0x46273629, fehlerhaftes Modul epmworker.exe, Version 1.2.0.1234, Zeitstempel 0x46273629,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00026f6a,  Prozess-ID 0x1500, Anwendungsstartzeit
 01cbcdde3e0331b4.
 
Error - 17.02.2011 04:09:22 | Computer Name = Bernd-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 17.02.2011 04:11:00 | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung epmworker.exe, Version 1.2.0.1234, Zeitstempel
 0x46273629, fehlerhaftes Modul epmworker.exe, Version 1.2.0.1234, Zeitstempel 0x46273629,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00026f6a,  Prozess-ID 0xd08, Anwendungsstartzeit
 01cbce7a339c619f.
 
Error - 17.02.2011 05:33:45 | Computer Name = Bernd-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 17.02.2011 05:34:03 | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung epmworker.exe, Version 1.2.0.1234, Zeitstempel
 0x46273629, fehlerhaftes Modul epmworker.exe, Version 1.2.0.1234, Zeitstempel 0x46273629,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00026f6a,  Prozess-ID 0x12f0, Anwendungsstartzeit
 01cbce85cfc6fadd.
 
Error - 17.02.2011 11:48:33 | Computer Name = Bernd-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 17.02.2011 11:49:23 | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung epmworker.exe, Version 1.2.0.1234, Zeitstempel
 0x46273629, fehlerhaftes Modul epmworker.exe, Version 1.2.0.1234, Zeitstempel 0x46273629,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00026f6a,  Prozess-ID 0x15e8, Anwendungsstartzeit
 01cbceba3b6354f7.
 
[ OSession Events ]
Error - 08.12.2010 04:22:47 | Computer Name = Bernd-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 14.02.2011 18:10:25 | Computer Name = Bernd-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 06.03.2011 16:55:47 | Computer Name = Bernd-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
 seconds with 0 seconds of active time.  This session ended with a crash.
 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

--- --- ---

markusg 12.06.2011 19:19

Attention!
This script, and any scripts that follow, are only for this particular user.
If you have problems, open your own topic and wait for scripts tailored to you.

• Please start OTL.exe
• Now copy the following into the text box.


:OTL
PRC - C:\ProgramData\36429560.exe (Microsoft Corporation)
PRC - C:\ProgramData\ECXHYIMSihMUVK.exe (Microsoft Corporation)
PRC - C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\twkpxev.exe ()
PRC - C:\Users\Claudia\AppData\Roaming\GabPath\gabpath.exe ()
O4 - HKCU..\Run: [hvhlcGymBdBoPf2jvFT] C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\twkpxev.exe ()
O4 - HKCU..\Run: [GabPath] C:\Users\Claudia\AppData\Roaming\GabPath\gabpath.exe ()
O4 - HKCU..\Run: [ECXHYIMSihMUVK] C:\ProgramData\ECXHYIMSihMUVK.exe (Microsoft Corporation)
:Files
C:\ProgramData\ECXHYIMSihMUVK.exe
C:\ProgramData\36429560.exe
C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\twkpxev.exe
C:\Users\Claudia\AppData\Roaming\GabPath
:Commands
[purity]
[resethosts]
[EMPTYFLASH]
[emptytemp]
[Reboot]


• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a restart. Please allow it.
• After the restart you will find a text document; paste its contents into your next reply here.


Download unhide:
http://filepony.de/download-unhide/
Double-click it, your files become visible again.

Open Computer, open C: and then _OTL.
There, right-click on moved files
and choose "Add to moved files.rar" (or zip).
http://www.trojaner-board.de/54791-a...ner-board.html
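The four entries markusg pulls into the :OTL section above share a profile: executables started from ProgramData or AppData\Roaming, a publisher string that is either empty or claims Microsoft from a location where Microsoft binaries do not live, and random-looking file or Run-value names. As an added example (not OTL's code and not part of this thread), the Python script below scores OTL PRC/O4 lines on exactly those signals; the sample lines are constructed after the ones in the thread, and the two benign Skype/Synaptics entries with their publisher strings are assumed for contrast.

```python
"""Triage helper for OTL 'PRC' and 'O4' lines (added example, not OTL code)."""
import re
from dataclasses import dataclass, field
from typing import Iterable, List, Optional

# Constructed sample in OTL's report format: the four entries from the thread
# plus two benign ones whose publisher strings are assumed for contrast.
SAMPLE_OTL_LINES = r"""
PRC - C:\ProgramData\36429560.exe (Microsoft Corporation)
PRC - C:\ProgramData\ECXHYIMSihMUVK.exe (Microsoft Corporation)
PRC - C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\twkpxev.exe ()
PRC - C:\Users\Claudia\AppData\Roaming\GabPath\gabpath.exe ()
PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [hvhlcGymBdBoPf2jvFT] C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\twkpxev.exe ()
O4 - HKCU..\Run: [GabPath] C:\Users\Claudia\AppData\Roaming\GabPath\gabpath.exe ()
O4 - HKCU..\Run: [ECXHYIMSihMUVK] C:\ProgramData\ECXHYIMSihMUVK.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
"""

# "PRC - <path> (<publisher>)"  or  "O4 - HKxx..\Run: [<value>] <path> (<publisher>)"
LINE_RE = re.compile(
    r"^(?P<kind>PRC|O4) - "
    r"(?:(?P<hive>HK\w+)\.\.\\Run: \[(?P<name>[^\]]*)\] )?"
    r"(?P<path>.+?) \((?P<company>[^)]*)\)\s*$"
)

# Locations any standard user can write to; legitimate software rarely
# starts its main executable from there.
USER_WRITABLE = ("\\appdata\\roaming\\", "\\appdata\\local\\",
                 "\\programdata\\", "\\users\\public\\", "\\temp\\")
# Where binaries whose version info names Microsoft normally live.
MICROSOFT_HOMES = ("c:\\windows\\", "c:\\program files")


@dataclass
class Finding:
    kind: str
    path: str
    company: str
    run_name: Optional[str]
    reasons: List[str] = field(default_factory=list)

    @property
    def score(self) -> int:
        return len(self.reasons)


def looks_random(stem: str) -> bool:
    """Weak signal: all digits, or seven-plus characters with hardly any vowels."""
    if stem.isdigit():
        return True
    letters = [c for c in stem if c.isalpha()]
    if len(stem) < 7 or not letters:
        return False
    vowels = sum(c.lower() in "aeiouy" for c in letters)
    return vowels / len(letters) <= 0.2


def parse_line(line: str) -> Optional[Finding]:
    """Return a Finding for a PRC/O4 line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return Finding(m["kind"], m["path"], m["company"], m["name"])


def assess(f: Finding) -> Finding:
    """Append one reason per signal that fires; the score is their count."""
    low = f.path.lower()
    stem = f.path.rsplit("\\", 1)[-1].rsplit(".", 1)[0]
    if any(d in low for d in USER_WRITABLE):
        f.reasons.append("starts from a user-writable directory")
    if not f.company.strip():
        f.reasons.append("no publisher in version info")
    elif "microsoft" in f.company.lower() and not low.startswith(MICROSOFT_HOMES):
        f.reasons.append("claims Microsoft but lives outside Windows/Program Files")
    if looks_random(stem):
        f.reasons.append(f"file name {stem!r} looks machine-generated")
    if f.run_name and looks_random(f.run_name):
        f.reasons.append(f"Run value name {f.run_name!r} looks machine-generated")
    return f


def triage(lines: Iterable[str], threshold: int = 2) -> List[Finding]:
    """Entries scoring >= threshold, worst first; a process and its Run entry
    share one path, so only the higher-scoring view of each path is kept."""
    best = {}
    for line in lines:
        f = parse_line(line)
        if f is None:
            continue
        assess(f)
        key = f.path.lower()
        if key not in best or f.score > best[key].score:
            best[key] = f
    return sorted((f for f in best.values() if f.score >= threshold),
                  key=lambda f: -f.score)


if __name__ == "__main__":
    for f in triage(SAMPLE_OTL_LINES.splitlines()):
        print(f"[{f.score}] {f.path}")
        for r in f.reasons:
            print(f"      - {r}")
```

Each signal on its own is weak (plenty of legitimate updaters sit in AppData), which is why a single hit is below the default threshold and the verdict comes from their combination.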

problem00 12.06.2011 20:25

OK, I hope I did everything right?! Regards

problem00 12.06.2011 20:26

All processes killed
========== OTL ==========
No active process named 36429560.exe was found!
No active process named ECXHYIMSihMUVK.exe was found!
No active process named twkpxev.exe was found!
No active process named gabpath.exe was found!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\hvhlcGymBdBoPf2jvFT deleted successfully.
C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\twkpxev.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GabPath deleted successfully.
C:\Users\Claudia\AppData\Roaming\GabPath\gabpath.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ECXHYIMSihMUVK deleted successfully.
C:\ProgramData\ECXHYIMSihMUVK.exe moved successfully.
========== FILES ==========
File\Folder C:\ProgramData\ECXHYIMSihMUVK.exe not found.
C:\ProgramData\36429560.exe moved successfully.
File\Folder C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\twkpxev.exe not found.
C:\Users\Claudia\AppData\Roaming\GabPath folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYFLASH]

User: All Users

User: Claudia
->Flash cache emptied: 181936 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Claudia
->Temp folder emptied: 1224303895 bytes
->Temporary Internet Files folder emptied: 211198793 bytes
->Java cache emptied: 1243876 bytes
->FireFox cache emptied: 122635074 bytes
->Google Chrome cache emptied: 6186598 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 154030866 bytes
RecycleBin emptied: 852944694 bytes

Total Files Cleaned = 2.453,00 mb


OTL by OldTimer - Version 3.2.24.0 log created on 06122011_205642

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

markusg 12.06.2011 20:28

Nope, that only earns you half a gold star.
You only uploaded the log to the upload channel, but I want the whole moved files folder packed and uploaded.

problem00 12.06.2011 20:41

;-)... Yes, I'm terribly sorry for you, you're dealing with a complete layperson. Here's the thing: "choose Add to movedfiles.rar or zip" doesn't work...

markusg 12.06.2011 20:43

You mean it isn't there?
That's not your fault.
http://filepony.de/download-7-zip/
Install 7-Zip,
then right-click moved files again as described.
Expand the 7-Zip menu there and choose "Add to movedfiles.7zip", then upload as described.

problem00 12.06.2011 20:51

Right, now it should actually have worked...

markusg 12.06.2011 20:53

I need a bit of time to look at the files. Are your files visible? What problems are left?

problem00 12.06.2011 22:45

Sorry it took so long. Yes, the files are visible! Otherwise nothing worrying stands out at first glance, apart from the error message "Internet Explorer has stopped working. The program is not running correctly due to a problem."
A thousand thanks for helping!

markusg 12.06.2011 22:53

OK, we'll take care of that.
Please create and post a ComboFix log.
A guide and tutorial on using ComboFix

problem00 12.06.2011 23:21

I would have to remove Norton Internet Security so that ComboFix can work unhindered; I did uninstall it, but it still shows up

problem00 12.06.2011 23:46

Since I have to be up in 5 hours, I unfortunately have to go now. I'll be online again tomorrow from about 10:00; it would be nice if we could continue then. Many thanks so far and see you tomorrow! Good night!

markusg 13.06.2011 09:47

Try skipping the ComboFix warning message.

problem00 13.06.2011 10:04

I already tried that, but then the ComboFix log is empty.

markusg 13.06.2011 10:18

Try booting into safe mode without networking; pressing F8 at PC start-up should do it. If ComboFix restarts, make sure to boot into safe mode again.
Then, after the restart, post
the contents of combofix.txt.

problem00 13.06.2011 11:22

After a long struggle ;-)
ComboFix logfile:
Code:

ComboFix 11-06-12.04 - Claudia 13.06.2011  11:55:23.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6001.1.1252.43.1031.18.3001.1717 [GMT 2:00]
ausgeführt von:: c:\users\Claudia\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Claudia\Desktop\Setup.exe
c:\windows\unin0407.exe
.
Infizierte Kopie von c:\windows\system32\drivers\volsnap.sys wurde gefunden und desinfiziert
Kopie von - Kitty had a snack :p wurde wiederhergestellt
.
(((((((((((((((((((((((  Dateien erstellt von 2011-05-13 bis 2011-06-13  ))))))))))))))))))))))))))))))
.
.
2011-06-12 19:48 . 2011-06-12 19:48        --------        d-----w-        c:\program files\7-Zip
2011-06-12 18:56 . 2011-06-12 19:49        --------        d-----w-        C:\_OTL
2011-06-11 19:32 . 2011-06-11 19:32        --------        d-----w-        c:\users\Claudia\AppData\Roaming\Malwarebytes
2011-06-11 19:31 . 2011-05-29 07:11        39984        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-11 19:31 . 2011-06-11 19:31        --------        d-----w-        c:\programdata\Malwarebytes
2011-06-11 19:31 . 2011-06-12 11:02        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2011-06-11 19:16 . 2011-06-11 19:16        8192        ----a-r-        c:\users\Claudia\AppData\Roaming\Microsoft\Installer\{1B77BC7B-4538-4652-AF33-C201F21BF8F2}\Icon1B77BC7B.exe
2011-06-11 19:16 . 2011-06-11 19:16        --------        d-----w-        c:\program files\toolstarFRPRO DEMO
2011-06-11 16:25 . 2011-06-11 16:25        --------        d-----w-        c:\programdata\TuneUp Software
2011-06-11 16:25 . 2011-06-11 16:25        --------        d-sh--w-        c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-06-11 13:30 . 2011-06-11 13:30        --------        d-----w-        c:\program files\SweetIM
2011-06-11 13:30 . 2011-06-11 13:30        --------        d-----w-        c:\programdata\SweetIM
2011-06-11 13:29 . 2011-06-11 13:29        --------        d-----w-        c:\program files\EASEUS
2011-06-11 13:21 . 2011-06-11 13:21        --------        d-----w-        c:\users\Claudia\AppData\Roaming\Uniblue
2011-06-11 13:21 . 2011-06-11 13:21        --------        dc----w-        c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-06-11 13:21 . 2011-06-11 13:21        --------        d-----w-        c:\program files\Uniblue
2011-06-11 13:14 . 2011-06-11 13:15        --------        d-----w-        c:\program files\BabylonToolbar
2011-06-11 13:14 . 2011-06-11 13:14        --------        d-----w-        c:\program files\Recuva
2011-06-11 07:54 . 2011-06-11 07:54        --------        d-----w-        c:\programdata\WindowsSearch
2011-06-11 06:48 . 2011-05-09 20:46        6962000        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{EFF1D480-D463-471F-92F2-28CC463360FF}\mpengine.dll
2011-05-30 18:29 . 2011-05-30 18:29        --------        d-----w-        c:\program files\Common Files\Plasmoo
2011-05-30 18:29 . 2011-05-30 18:29        --------        d-----w-        c:\users\Claudia\AppData\Roaming\DVDVideoSoft
2011-05-28 12:16 . 2011-06-13 09:28        --------        d-----w-        c:\users\Claudia\AppData\Roaming\go
2011-05-28 12:16 . 2011-06-13 10:05        --------        d-----w-        c:\programdata\Easybits GO
2011-05-21 15:11 . 2011-05-21 15:11        722696        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-20 09:16 . 2011-03-20 09:16        28672        ----a-w-        c:\windows\system32\wshqos32.dll
2011-03-18 17:56 . 2011-04-19 09:34        142296        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-03 15:05 . 2010-07-03 15:05        119808        ----a-w-        c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-11-09 2331672]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]
"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-11-13 3913000]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-13 20:58        3913000        ----a-w-        c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-04-27 09:08        2393184        ----a-w-        c:\program files\DVDVideoSoftTB\tbDVDV.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
2010-11-13 20:58        3913000        ----a-w-        c:\program files\softonic-de3\tbsoft.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29        1490312        ----a-w-        c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2009-11-09 16:38        2331672        ----a-w-        c:\program files\DVDVideoSoft\tbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-11-09 2331672]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-11-13 3913000]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-11-13 3913000]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-11-09 2331672]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]
"{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-11-13 3913000]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36        94208        ----a-w-        c:\users\Claudia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36        94208        ----a-w-        c:\users\Claudia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36        94208        ----a-w-        c:\users\Claudia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-28 68856]
"Duden Korrektor SysTray"="c:\program files\Duden\Duden Korrektor\DKtray.exe" [2010-06-28 336560]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-01 15145352]
"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2011-06-02 67456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-03 30192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-02-11 6724128]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-01-09 1418536]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2009-02-12 862728]
"Acer ePower Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2009-04-03 698912]
"WarReg_PopUp"="c:\program files\eMachines\WR_PopUp\WarReg_PopUp.exe" [2008-11-04 57344]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
"GMX Update"="c:\program files\GMX\LiveUpdate\m2LUTray.exe" [2009-10-16 2229632]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]
"HPUsageTrackingLEDM"="c:\program files\HP\HP UT LEDM\bin\hppusg.exe" [2009-10-15 30264]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2010-10-13 111928]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Duden Korrektor SysTray"="c:\program files\Duden\Duden Korrektor\DKTray.exe" [2010-06-28 336560]
.
c:\users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Claudia\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca1d95266b9f6d;Google Update Service (gupdate1ca1d95266b9f6d);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-15 133104]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-03 30192]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-15 133104]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2009-12-03 17408]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [2009-04-03 723488]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2009-12-03 99896]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C60x86.sys [2009-01-15 49664]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-15 10:42]
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-15 10:42]
.
2011-06-13 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-06-11 09:42]
.
2011-06-13 c:\windows\Tasks\SLOW-PCfighter-Claudia-Startup.job
- c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2011-03-28 22:30]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://home.tangotoolbar.com/
mStart Page = hxxp://home.sweetim.com
mSearch Bar = hxxp://www.tangosearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://go.gmx.net/suchbox/gmxsuche?su=%s
IE: Free YouTube Download - c:\users\Claudia\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Claudia\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
FF - ProfilePath - c:\users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\glc5dc9v.default\
FF - prefs.js: browser.search.defaulturl - hxxp://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://go.gmx.net/br/ff3_startpage
FF - prefs.js: keyword.URL - hxxp://plasmoo.com/index.htm?SearchMashine=true&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{DE56DA9B-7965-44B3-9386-7C2F2D23F26A} - c:\windows\system32\11878.dll
Toolbar-{DE56DA9A-7965-44B3-9386-7C2F2D23F26A} - c:\windows\system32\11878.dll
WebBrowser-{DE56DA9A-7965-44B3-9386-7C2F2D23F26A} - c:\windows\system32\11878.dll
HKCU-Run-msnmsgr - ~c:\program files\Windows Live\Messenger\msnmsgr.exe
AddRemove-The Print Shop Premier Edition 5.0 - c:\windows\unin0407.exe
AddRemove-GabPath - c:\users\Claudia\AppData\Roaming\GabPath\GPUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-06-13 12:05
Windows 6.0.6001 Service Pack 1 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
  msnmsgr = ~"c:\program files\Windows Live\Messenger\msnmsgr.exe" /background?
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-06-13  12:07:32
ComboFix-quarantined-files.txt  2011-06-13 10:07
.
Vor Suchlauf: 14 Verzeichnis(se), 152.808.587.264 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 152.762.036.224 Bytes frei
.
- - End Of File - - 78E833972CC5D3CEF6D741248CB1FCC5

--- --- ---

markusg 13.06.2011 12:58

Not nice, what I see there: a rootkit.
Do you do online banking, shopping or anything else important (private or professional) on this PC?

problem00 13.06.2011 13:05

Oh dear... yes, online banking for private purposes.

markusg 13.06.2011 13:16

OK.
Call the bank, emergency number:
116 116
Explain to them that you have a TDSS rootkit and that your online banking needs to be blocked.
Then back up your data:
Before you back up to external media, turn off Autorun:
Tipparchiv - Autorun/Autoplay gezielt für Laufwerkstypen oder -buchstaben abschalten - WinTotal.de
Then back up pictures, documents, music (personal things).
Nothing from file sharing, like torrents, no keygens etc.
Then format the PC; if you need help, let me know.
Then we'll secure the system properly; you'll get explanations.
Then all passwords need to be changed.

problem00 13.06.2011 14:12

So:
The banking account is blocked.

On turning off Autorun/Autoplay:
Since I have Vista Home Premium, the Group Policy editor isn't accessible, so I can't make the changes on my own. Are there solutions?

markusg 13.06.2011 14:15

Read the whole text, there are many more options in there, e.g. here:
The service (services.msc) Shell Hardware Detection (ShellHWDetection) is responsible for Autorun and Autoplay. Under Windows XP the service can be disabled if Autorun has been disabled anyway. Under Windows Vista and Win7 the service "Windows Image Acquisition (WIA)" also depends on it.

Under Windows Vista and Windows 7 the "AutoPlay" settings for media can be found in the "Control Panel".

problem00 13.06.2011 14:59

Good, I have now turned off Autorun via the Registry Editor and backed up my private files. What's next? (Sorry that it often takes so long, but the PC often loads quite slowly.)
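The registry route problem00 took by hand, written out as an added example that is not part of the thread and not the WinTotal article's code: a PowerShell script that disables Autorun for every drive type via the `NoDriveTypeAutoRun` policy value (the Group Policy editor is missing on Vista Home Premium, but the value it would set is reachable directly), verifies the setting, and lists the Shell Hardware Detection service the quoted text names together with what depends on it. It assumes an elevated PowerShell session on Vista or later; the `Set-AutorunDisabled` and `Test-AutorunDisabled` function names are this example's own.

```powershell
# Added example (not from the thread): disable Autorun for every drive type
# through the registry, the route problem00 took by hand in the Registry
# Editor, then verify the result and show the Shell Hardware Detection
# service the quoted WinTotal text refers to.
# Assumes an elevated PowerShell session on Windows Vista or later.

# NoDriveTypeAutoRun is a bit mask of drive types excluded from Autorun;
# 0xFF covers all of them (unknown, removable, fixed, network, CD-ROM, RAM disk).
$AllDriveTypes = 0xFF

# Machine-wide policy plus the current user's policy, so neither hive can
# re-enable Autorun on its own.
$policyKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)

function Set-AutorunDisabled {
    foreach ($key in $policyKeys) {
        if (-not (Test-Path $key)) {
            New-Item -Path $key -Force | Out-Null
        }
        Set-ItemProperty -Path $key -Name 'NoDriveTypeAutoRun' -Value $AllDriveTypes -Type DWord
        # HonorAutorunSetting comes with Microsoft's Autorun update (KB967715) and
        # makes Explorer apply NoDriveTypeAutoRun consistently; set explicitly here.
        Set-ItemProperty -Path $key -Name 'HonorAutorunSetting' -Value 1 -Type DWord
    }
}

function Test-AutorunDisabled {
    $ok = $true
    foreach ($key in $policyKeys) {
        $item = Get-ItemProperty -Path $key -Name 'NoDriveTypeAutoRun' -ErrorAction SilentlyContinue
        if ($item -eq $null -or $item.NoDriveTypeAutoRun -ne $AllDriveTypes) {
            Write-Warning "$key : NoDriveTypeAutoRun is not 0xFF"
            $ok = $false
        }
    }
    return $ok
}

Set-AutorunDisabled
if (Test-AutorunDisabled) {
    Write-Output 'Autorun disabled for all drive types; log off and on again (or reboot) for Explorer to pick it up.'
}

# The service behind Autorun/Autoplay, as named in the quoted text. It is only
# inspected, not stopped: on Vista/7 Windows Image Acquisition (WIA) depends on it.
Get-Service -Name ShellHWDetection |
    Select-Object Name, Status,
        @{ Name = 'DependentServices'; Expression = { ($_.DependentServices | ForEach-Object { $_.Name }) -join ', ' } }
```

Disabling the policy value does not touch files already written to an attached external drive, so any `autorun.inf` a backup medium picked up earlier is simply ignored rather than removed; the point of running this before the backup, as the thread advises, is that plugging the drive in no longer executes anything automatically.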

markusg 13.06.2011 15:00

Are you using a Windows CD, a recovery CD or a recovery partition? Do you know how to format or not?

problem00 13.06.2011 15:10

It's embarrassing, but unfortunately no... I'm still a complete beginner here, and every step has to be shown to me.. :(

markusg 13.06.2011 15:27

Well, I'm still waiting for the answer about what you're using: Windows CD, recovery CD or a recovery partition?
If you're using the latter, tell me the manufacturer and model of the laptop or PC.

problem00 13.06.2011 15:40

Unfortunately I have neither one nor the other; would the software as a download do as well?

markusg 13.06.2011 15:41

Which software do you mean exactly? You must have one of the things mentioned, or look it up in the manual; it may also say in there how it's done.

problem00 13.06.2011 16:03

I could burn a recovery CD myself, but of course I would then have to reset the laptop to factory settings (if that's even possible). A recovery CD of its own apparently wasn't included, or I can't find it anymore. Alternatively I would have to find someone who has an original.

problem00 13.06.2011 16:08

.............

markusg 13.06.2011 16:13

Well, resetting to factory settings is exactly what we want.

problem00 13.06.2011 16:21

Yes, which won't work without a recovery CD. So it'll be best if I take care of getting one. But that will take a bit longer. If it's all right with you, we'll continue next weekend, since until then I'll hardly be at home or have time. Is that OK for you?...

markusg 13.06.2011 16:28

Yes, please get in touch then; if I miss it, by PM.

problem00 13.06.2011 16:29

Good! Thanks again, I'll be in touch!


Copyright ©2000-2025, Trojaner-Board


