OTL:
OTL Logfile: Code:
OTL logfile created on: 04.12.2011 00:17:59 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Philipp\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 40,05% Memory free
6,18 Gb Paging File | 4,61 Gb Available in Paging File | 74,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 94,16 Gb Total Space | 5,85 Gb Free Space | 6,21% Space Free | Partition Type: NTFS
Drive D: | 195,14 Gb Total Space | 193,01 Gb Free Space | 98,91% Space Free | Partition Type: NTFS
Computer Name: PHILIPPS-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.01 21:10:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
PRC - [2011.11.09 19:01:45 | 000,912,856 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009.10.21 17:15:38 | 000,288,768 | ---- | M] (T-Systems International GmbH) -- C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.01.04 23:54:09 | 001,251,720 | ---- | M] () -- C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008.10.17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Programme\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008.04.28 17:21:56 | 000,374,784 | ---- | M] (ODM) -- C:\Programme\OEM\OSD_1.12\osd.exe
PRC - [2008.04.25 14:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) -- C:\Programme\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2008.04.25 07:25:52 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.22 09:24:28 | 000,094,208 | ---- | M] (TODO: <公司名稱>) -- C:\Programme\OEM\OSD_1.12\OsdService.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.08.31 11:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.09 19:01:45 | 000,849,368 | ---- | M] () -- C:\Programme\Mozilla Firefox\js3250.dll
MOD - [2010.07.16 22:23:36 | 005,612,496 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2009.08.20 01:19:40 | 000,074,984 | ---- | M] () -- C:\Programme\FILEminimizer Pictures\FILEMShell.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009.12.12 00:47:44 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2009.10.21 17:15:38 | 000,288,768 | ---- | M] (T-Systems International GmbH) [Auto | Running] -- C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe -- (DFSVC)
SRV - [2009.09.16 20:08:36 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.01.04 23:54:09 | 001,251,720 | ---- | M] () [On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008.10.17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008.10.17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008.10.17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008.10.17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008.04.25 14:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008.02.22 09:24:28 | 000,094,208 | ---- | M] (TODO: <公司名稱>) [Auto | Running] -- C:\Programme\OEM\OSD_1.12\OsdService.exe -- (OsdService)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.08.31 11:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007.08.23 21:35:24 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007.08.22 08:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
========== Driver Services (SafeList) ==========
DRV - [2292.09.22 01:24:31 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20111202.032\NAVEX15.SYS -- (NAVEX15)
DRV - [2292.09.22 01:24:31 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20111202.032\NAVENG.SYS -- (NAVENG)
DRV - [2011.11.08 10:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011.11.08 10:00:00 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.10.17 23:22:24 | 000,286,328 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20111103.001\IDSvix86.sys -- (IDSvix86)
DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009.12.12 00:48:04 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009.10.15 17:14:38 | 000,024,352 | ---- | M] (T-Systems International GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SipIMNDI.sys -- (SipIMNDI)
DRV - [2009.10.15 17:14:38 | 000,014,624 | ---- | M] (T-Systems International GmbH) [Kernel | On_Demand | Running] -- C:\Programme\T-Online\Dialerschutz-Software\DFSYS.sys -- (DFSYS)
DRV - [2009.06.29 17:59:02 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.06.29 17:59:02 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009.04.09 13:38:26 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.02.19 11:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009.02.19 11:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009.02.19 11:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009.02.19 11:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009.02.19 11:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009.02.19 11:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009.01.08 17:50:31 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008.09.05 14:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008.07.30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008.05.22 23:59:00 | 007,494,976 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.05.01 07:35:54 | 003,660,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.03 13:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008.03.31 12:02:34 | 000,008,192 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\kbfiltr.sys -- (GpdKbFilter)
DRV - [2008.01.21 03:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.12.28 18:21:54 | 000,104,448 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.12.19 18:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2007.11.30 23:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007.11.30 23:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007.11.30 23:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007.11.21 10:31:26 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\directport.sys -- (GpdDevDPort)
DRV - [2007.08.09 00:39:56 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007.08.07 01:15:07 | 000,033,052 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.studivz.net/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de-de.facebook.com/index.php?lh=533538a313a0c195aaaba96792bd4735&
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.09 19:01:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.09 19:01:52 | 000,000,000 | ---D | M]
[2009.12.28 20:40:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Extensions
[2011.12.03 15:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\1w91do94.default\extensions
[2011.11.30 23:49:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\1w91do94.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.21 23:37:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.08.21 23:37:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.21 23:37:36 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.21 23:36:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.11.15 12:11:11 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.11.15 12:11:11 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.11.15 12:11:11 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.11.15 12:11:11 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.11.15 12:11:12 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.04.23 14:48:47 | 000,432,777 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 14896 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Reg Error: Value error.) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton-Symbolleiste anzeigen) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton-Symbolleiste anzeigen) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [FSCRecovery] c:\Programme\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NPCTray] C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Programme\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [T-Home Dialerschutz-Software] C:\Program Files\T-Online\Dialerschutz-Software\Defender.exe (T-Systems International GmbH)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OSD.lnk = C:\Users\Philipp\AppData\Roaming\Microsoft\Installer\{73289228-1853-4623-982A-EB17FF0270CA}\_4D3FC276DECE661B01DFEC.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{164C6585-FAE0-4313-BBF0-B1704721EA6A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0FCC6BB-3009-4C90-814A-EA5B6E39848F}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Green Sea Turtle.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Green Sea Turtle.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0f404d07-e1a9-11de-bc7e-e0552c85f339}\Shell - "" = AutoRun
O33 - MountPoints2\{0f404d07-e1a9-11de-bc7e-e0552c85f339}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{578a74c8-dca4-11de-9866-c7db3f14ed95}\Shell\AutoRun\command - "" = H:\setupSNK.exe
O33 - MountPoints2\{81a9b962-d9f3-11df-ac47-f3e5a27c116b}\Shell - "" = AutoRun
O33 - MountPoints2\{81a9b962-d9f3-11df-ac47-f3e5a27c116b}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{81a9b99e-d9f3-11df-ac47-cb3d62e3ad1e}\Shell - "" = AutoRun
O33 - MountPoints2\{81a9b99e-d9f3-11df-ac47-cb3d62e3ad1e}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{927a30fd-ddac-11de-9ab4-fd7d818cf989}\Shell - "" = AutoRun
O33 - MountPoints2\{927a30fd-ddac-11de-9ab4-fd7d818cf989}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{927a30fe-ddac-11de-9ab4-fd7d818cf989}\Shell - "" = AutoRun
O33 - MountPoints2\{927a30fe-ddac-11de-9ab4-fd7d818cf989}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{927a3105-ddac-11de-9ab4-b17da37f32e2}\Shell - "" = AutoRun
O33 - MountPoints2\{927a3105-ddac-11de-9ab4-b17da37f32e2}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{927a3121-ddac-11de-9ab4-f044d85012bc}\Shell - "" = AutoRun
O33 - MountPoints2\{927a3121-ddac-11de-9ab4-f044d85012bc}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ae7adb76-d833-11de-9596-a88ed0c69bf2}\Shell - "" = AutoRun
O33 - MountPoints2\{ae7adb76-d833-11de-9596-a88ed0c69bf2}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b74e9c22-3d89-11df-8abb-975eea4b338c}\Shell\AutoRun\command - "" = I:\Menu.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.12.02 02:59:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.12.02 02:26:11 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\logsi
[2011.12.01 21:09:23 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
[2011.12.01 18:59:08 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTH.scr
[2011.12.01 17:14:26 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Philipp\Desktop\tdsskiller.exe
[2011.12.01 12:44:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Malwarebytes
[2011.12.01 12:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.01 12:44:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.01 12:43:54 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.12.01 12:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.12.01 02:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.11.30 23:04:49 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011.11.12 23:46:01 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Kalender
========== Files - Modified Within 30 Days ==========
[2011.12.03 23:56:30 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe
[2011.12.03 23:49:14 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.03 23:39:17 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.03 23:39:17 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.03 21:39:34 | 000,078,253 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.12.03 21:39:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.03 16:19:53 | 000,002,489 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OSD.lnk
[2011.12.03 16:19:34 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.03 15:46:16 | 000,302,592 | ---- | M] () -- C:\Users\Philipp\Desktop\74xf93cj.exe
[2011.12.01 21:10:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
[2011.12.01 18:59:19 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTH.scr
[2011.12.01 18:32:36 | 000,684,297 | ---- | M] () -- C:\Users\Philipp\Desktop\unhide.exe
[2011.12.01 17:14:47 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Philipp\Desktop\tdsskiller.exe
[2011.12.01 12:44:14 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.12.01 12:29:25 | 001,008,114 | ---- | M] () -- C:\Users\Philipp\Desktop\rkill.com
[2011.11.30 23:36:05 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.30 23:36:05 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.30 23:36:05 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.30 23:36:04 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.30 23:11:28 | 000,000,448 | ---- | M] () -- C:\ProgramData\kTCk14WaoUjHMX
[2011.11.30 23:09:47 | 000,000,312 | ---- | M] () -- C:\ProgramData\~kTCk14WaoUjHMX
[2011.11.30 23:09:47 | 000,000,216 | ---- | M] () -- C:\ProgramData\~kTCk14WaoUjHMXr
[2011.11.30 23:04:58 | 000,078,253 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.11.29 23:50:05 | 000,000,600 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security Online - Systemprüfung ausführen - Philipp.job
[2011.11.27 00:29:26 | 000,033,984 | ---- | M] () -- C:\Users\Philipp\Documents\Video call snapshot 12.png
[2011.11.27 00:27:54 | 000,095,478 | ---- | M] () -- C:\Users\Philipp\Documents\Video call snapshot 2.png
[2011.11.20 19:51:34 | 000,082,944 | ---- | M] () -- C:\Users\Philipp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.18 16:36:18 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2011.11.14 00:48:32 | 000,034,384 | ---- | M] () -- C:\Users\Philipp\Documents\Video call snapshot 15.png
========== Files Created - No Company Name ==========
[2011.12.04 00:06:19 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe
[2011.12.03 15:46:00 | 000,302,592 | ---- | C] () -- C:\Users\Philipp\Desktop\74xf93cj.exe
[2011.12.01 18:32:22 | 000,684,297 | ---- | C] () -- C:\Users\Philipp\Desktop\unhide.exe
[2011.12.01 12:44:14 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.12.01 12:29:09 | 001,008,114 | ---- | C] () -- C:\Users\Philipp\Desktop\rkill.com
[2011.11.30 23:09:47 | 000,000,312 | ---- | C] () -- C:\ProgramData\~kTCk14WaoUjHMX
[2011.11.30 23:09:47 | 000,000,216 | ---- | C] () -- C:\ProgramData\~kTCk14WaoUjHMXr
[2011.11.30 23:04:36 | 000,000,448 | ---- | C] () -- C:\ProgramData\kTCk14WaoUjHMX
[2011.11.27 00:28:57 | 000,033,984 | ---- | C] () -- C:\Users\Philipp\Documents\Video call snapshot 12.png
[2011.11.27 00:27:44 | 000,095,478 | ---- | C] () -- C:\Users\Philipp\Documents\Video call snapshot 2.png
[2011.11.14 00:48:17 | 000,034,384 | ---- | C] () -- C:\Users\Philipp\Documents\Video call snapshot 15.png
[2011.02.01 19:09:36 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini
[2011.02.01 17:51:06 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010.06.08 09:43:09 | 000,000,680 | ---- | C] () -- C:\Users\Philipp\AppData\Local\d3d9caps.dat
[2009.12.29 18:08:25 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.10.23 16:13:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.10.23 16:13:57 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.07.18 17:49:31 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.05.05 07:20:48 | 000,000,456 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\settings.ini
[2009.05.04 01:37:22 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.03.29 17:03:36 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI
[2009.01.06 03:10:31 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.02 22:50:08 | 000,082,944 | ---- | C] () -- C:\Users\Philipp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.30 18:44:22 | 000,000,314 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\wklnhst.dat
[2008.12.30 18:32:31 | 000,000,342 | ---- | C] () -- C:\Windows\{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}_WiseFW.ini
[2008.12.07 13:08:04 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.07.03 05:11:42 | 000,078,253 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.07.03 05:11:42 | 000,078,253 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.04.27 09:33:36 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.04.25 14:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2008.01.21 08:15:58 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 08:15:58 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.11.21 10:31:26 | 000,007,168 | ---- | C] () -- C:\Windows\System32\directport.sys
[2007.09.04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,337,816 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
========== LOP Check ==========
[2009.12.01 23:21:48 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Bytemobile
[2011.01.24 13:37:23 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Canon
[2010.09.25 19:27:44 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.11.30 23:49:49 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\FILEminimizerPictures
[2011.11.30 23:49:49 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\gtk-2.0
[2010.08.21 23:44:12 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\OpenOffice.org
[2011.11.30 23:49:54 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\PhotoScape
[2011.02.04 14:28:23 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Sierra
[2009.01.02 22:00:07 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Template
[2009.12.01 23:21:44 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Vodafone
[2009.12.01 23:27:18 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Vodafone Mobile Connect
[2011.12.03 16:18:05 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report > --- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 04.12.2011 00:17:59 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Philipp\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 40,05% Memory free
6,18 Gb Paging File | 4,61 Gb Available in Paging File | 74,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 94,16 Gb Total Space | 5,85 Gb Free Space | 6,21% Space Free | Partition Type: NTFS
Drive D: | 195,14 Gb Total Space | 193,01 Gb Free Space | 98,91% Space Free | Partition Type: NTFS
Computer Name: PHILIPPS-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10831250-726E-46D2-A54E-AFF673C6BD17}" = rport=139 | protocol=6 | dir=out | app=system |
"{12E26E63-1AD3-4B2A-85B7-89C749CA7D0E}" = rport=138 | protocol=17 | dir=out | app=system |
"{31136051-CA9D-4400-9245-B168E6B4F053}" = lport=137 | protocol=17 | dir=in | app=system |
"{37667889-4D64-4C09-A851-182278C16EF0}" = lport=445 | protocol=6 | dir=in | app=system |
"{419D67BB-4CE8-43C4-AB78-9CA1BB2E71B9}" = lport=139 | protocol=6 | dir=in | app=system |
"{75C52308-EB6C-4376-A358-288FCEEE0C97}" = lport=138 | protocol=17 | dir=in | app=system |
"{775F0344-1886-4388-877C-C51473A6FACE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9DBCB499-4CD7-4BCE-AF8F-BB15B7738C5C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CFD503ED-BEF9-404C-B8EC-03AFA22F7299}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E54D9432-7BAE-4D43-ADBF-1397FD4A0305}" = rport=137 | protocol=17 | dir=out | app=system |
"{ED5CA544-C1A3-450E-A620-B580A98710FC}" = rport=445 | protocol=6 | dir=out | app=system |
"{FF88EC1A-4DC5-425F-B57A-8D63C742F927}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{083B0077-8448-41E4-8A1D-E7670D5D3FF0}" = protocol=17 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{2282B372-A9DF-4242-AB94-FADA40B9E805}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3AB9081F-BBB4-441A-B2D9-CD26C2834064}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3DD665F5-48AA-4F7B-A2A4-C897F48FF30B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{46D36E57-5373-4ECB-9E46-39C25484FF48}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{47900B3A-F7B1-4EA0-9167-7EACB794B70D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4B22E396-915B-4AF9-8B6C-6AE9F225D602}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5784412B-3CCC-414E-8961-469E8774AB05}" = protocol=6 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{5A8E06A3-746A-4D5D-B6EC-C9F39C88BB4D}" = protocol=6 | dir=in | app=e:\alicesetup.exe |
"{65D77617-31B4-4708-B0C4-F59D7D20EB45}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6E555262-445B-4AB9-B5E4-09DFAF397347}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{900E1067-BB40-4185-BAC4-BE21CA61742E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{98A8B04D-849C-49F6-B0B4-24E63558B815}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{B66AF5EC-F941-43A8-B21C-E1881A839036}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B8AD4B2C-5EA5-4708-84A3-354183C1030D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DA386FF4-F34A-4233-87FF-611EB089A3B3}" = protocol=17 | dir=in | app=e:\alicesetup.exe |
"{FBF21EAB-6690-4762-B0BA-53AFFB7653C0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{FDE835E6-C751-406B-A927-3832387AC935}C:\program files\ubisoft\gearbox software\brothersinarmseib\system\eib.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\gearbox software\brothersinarmseib\system\eib.exe |
"UDP Query User{CF7DF3FE-308D-435E-AF42-9A50C566A3AC}C:\program files\ubisoft\gearbox software\brothersinarmseib\system\eib.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\gearbox software\brothersinarmseib\system\eib.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{26AF3ABB-9BC4-48FC-8864-D6CA9384CF2F}" = SymNet
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{32E2F180-247C-4077-B06A-20F9868568E0}_is1" = UltraMixer 2.4.1
"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security
"{369E2004-86A5-4CA5-BB80-7D65041B8531}" = Symantec Real Time Storage Protection Component
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{53480870-02D8-48FB-BC27-72C956885168}" = O&O MediaRecovery
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}" = Adobe Flash Player 9 ActiveX
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73289228-1853-4623-982A-EB17FF0270CA}" = OSD_1.12
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{854C47D1-C2A0-4492-8655-C3F8D49C1031}" = Nero 8 Essentials
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}" = FSCLounge
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{E8C5BD56-F5D8-41D3-8A71-273468FE256A}" = T-Home Dialerschutz-Software
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F58B763E-9FB9-4629-AF3C-CC9744BC4BA7}" = Fujitsu Siemens Computers Recovery
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"A35BD68D4A1B3E191138E3C9AA417190A9468F7E" = Windows-Treiberpaket - Leaf Imaging Ltd. Image (02/11/2010 )
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"DPP" = Canon Utilities Digital Photo Professional 3.9
"EOS Utility" = Canon Utilities EOS Utility
"FILEminimizer Pictures_is1" = FILEminimizer Pictures
"Finale 2008" = Finale 2008
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.24)" = Mozilla Firefox (3.6.24)
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"NVIDIA Drivers" = NVIDIA Drivers
"OpenVPN" = OpenVPN 2.1.1
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoScape" = PhotoScape
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PowerISO" = PowerISO
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security Online (Symantec Corporation)
"WFTK" = Canon Utilities WFT Utility
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.11.2010 10:24:11 | Computer Name = Philipps-PC | Source = RasClient | ID = 20227
Description =
Error - 11.11.2010 10:32:00 | Computer Name = Philipps-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 11.11.2010 10:32:08 | Computer Name = Philipps-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 11.11.2010 10:32:08 | Computer Name = Philipps-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 11.11.2010 10:32:08 | Computer Name = Philipps-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 11.11.2010 10:32:09 | Computer Name = Philipps-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 11.11.2010 10:32:13 | Computer Name = Philipps-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 11.11.2010 10:32:14 | Computer Name = Philipps-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 11.11.2010 10:32:14 | Computer Name = Philipps-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 11.11.2010 10:32:14 | Computer Name = Philipps-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ OSession Events ]
Error - 26.03.2009 17:34:31 | Computer Name = Philipps-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 22 seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 01.12.2011 12:26:59 | Computer Name = Philipps-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 01.12.2011 13:08:34 | Computer Name = Philipps-PC | Source = DCOM | ID = 10016
Description =
Error - 01.12.2011 14:49:30 | Computer Name = Philipps-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 01.12.2011 15:27:49 | Computer Name = Philipps-PC | Source = DCOM | ID = 10016
Description =
Error - 01.12.2011 15:38:16 | Computer Name = Philipps-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 01.12.2011 15:38:18 | Computer Name = Philipps-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 01.12.2011 22:22:00 | Computer Name = Philipps-PC | Source = DCOM | ID = 10016
Description =
Error - 03.12.2011 10:15:06 | Computer Name = Philipps-PC | Source = DCOM | ID = 10016
Description =
Error - 03.12.2011 10:17:08 | Computer Name = Philipps-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 03.12.2011 11:20:38 | Computer Name = Philipps-PC | Source = DCOM | ID = 10016
Description =
< End of report > --- --- ---
programme: Code:
Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 29.12.2008 14,0MB
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 02.05.2009 10.0.22.87
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 15.07.2010 10.1.53.64
Adobe Flash Player 9 ActiveX Adobe Systems, Inc. 29.12.2008 3,05MB 9.0.124.0
Adobe Reader 8.1.2 - Deutsch Adobe Systems Incorporated 02.07.2008 99,6MB 8.1.2
CANON iMAGE GATEWAY MyCamera Download Plugin Canon Inc. 22.01.2011 0,60MB 3.1.0.1
CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Inc. 22.01.2011 72,1MB 1.8.0.1
Canon Internet Library for ZoomBrowser EX Canon Inc. 22.01.2011 72,1MB 1.7.0.1
Canon MOV Decoder Canon Inc. 22.01.2011 4,71MB 1.7.0.6
Canon MOV Encoder Canon Inc. 22.01.2011 2,86MB 1.5.0.3
Canon MovieEdit Task for ZoomBrowser EX Canon Inc. 22.01.2011 72,1MB 3.6.0.5
Canon Utilities Digital Photo Professional 3.9 Canon Inc. 22.01.2011 61,9MB 3.9.1.0
Canon Utilities EOS Utility Canon Inc. 22.01.2011 45,1MB 2.9.0.0
Canon Utilities Original Data Security Tools Canon Inc. 22.01.2011 6,81MB 1.9.0.1
Canon Utilities PhotoStitch Canon Inc. 22.01.2011 6,14MB 3.1.22.46
Canon Utilities Picture Style Editor Canon Inc. 22.01.2011 33,5MB 1.8.0.0
Canon Utilities WFT Utility Canon Inc. 22.01.2011 5,76MB 3.5.1.1
Canon Utilities ZoomBrowser EX Canon Inc. 22.01.2011 72,1MB 6.6.0.23
Canon ZoomBrowser EX Memory Card Utility Canon Inc. 22.01.2011 14,1MB 1.4.0.4
CCleaner Piriform 03.12.2011 4,20MB 3.13
Compatibility Pack für 2007 Office System Microsoft Corporation 15.09.2011 58,4MB 12.0.6425.1000
DivX Player DivX, Inc. 20.02.2010 8,43MB 7.2.0
DivX Plus Web Player DivX,Inc. 20.02.2010 8,77MB 2.0.0
Empire Earth II Sierra 03.02.2011 1.068MB 1.02
FILEminimizer Pictures balesio AG 31.01.2011 3,91MB
Finale 2008 MakeMusic 27.05.2009 286MB 13.0.28
FSCLounge Fujitsu Siemens Computers 29.12.2008 8,47MB 1.0.0
Fujitsu Siemens Computers Recovery Fujitsu Siemens Computers 29.12.2008 7,06MB 1.3.8
Grand Theft Auto Vice City 20.06.2009 1.502MB 1.00.000
Java(TM) 6 Update 20 Sun Microsystems, Inc. 21.08.2010 97,2MB 6.0.200
LiveUpdate (Symantec Corporation) Symantec 12.07.2007 9,98MB 3.4.0.162
Malwarebytes' Anti-Malware Version 1.51.2.1300 Malwarebytes Corporation 30.11.2011 6,77MB 1.51.2.1300
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 22.08.2009 37,0MB
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 25.07.2009 37,0MB
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 25.06.2010 120,3MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 25.06.2010 24,5MB 4.0.30319
Microsoft Office File Validation Add-In Microsoft Corporation 15.09.2011 7,92MB 14.0.5130.5003
Microsoft Office Home and Student 2007 Microsoft Corporation 25.07.2009 301MB 12.0.6425.1000
Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 15.09.2011 51,5MB 12.0.6425.1000
Microsoft Office Standard Edition 2003 Microsoft Corporation 08.11.2011 372MB 11.0.8173.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 28.07.2009 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 14.06.2011 0,29MB 8.0.61001
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 01.12.2011 11,1MB 10.0.40219
Microsoft Works Microsoft Corporation 17.12.2010 377MB 9.7.0621
Mozilla Firefox (3.6.24) Mozilla 08.11.2011 26,9MB 3.6.24 (de)
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 05.01.2009 1,28MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 28.11.2009 1,34MB 4.20.9876.0
Nero 8 Essentials Nero AG 02.07.2008 1.759MB 8.3.161
Norton Internet Security Online (Symantec Corporation) Symantec Corporation 01.01.2009 53,6MB 15.0.0.60
NVIDIA Drivers 04.12.2009
O&O MediaRecovery O&O Software GmbH 31.01.2011 6,39MB 4.1.1322
OpenVPN 2.1.1 10.11.2010 3,98MB 2.1.1
OSD_1.12 OEM 29.12.2008 1,23MB 1.0.0
PhotoScape 30.01.2011 27,4MB
PowerISO 26.05.2009 2,16MB
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 02.07.2008
Skype™ 5.3 Skype Technologies S.A. 05.06.2011 22,6MB 5.3.111
Spybot - Search & Destroy Safer Networking Limited 22.04.2011 63,2MB 1.6.2
SystemDiagnostics Fujitsu Siemens Computers 29.12.2008 13,6MB 2.01.0004
T-Home Dialerschutz-Software 25.12.2009 1,01MB
UltraMixer 2.4.1 UltraMixer Digital Audio Solutions 12.04.2011 121,8MB 2.4.1
Vista Codec Package Shark007 07.05.2009 54,5MB 5.2.4
Windows Live Anmelde-Assistent Microsoft Corporation 07.03.2009 1,93MB 5.000.818.6
Windows Live Essentials Microsoft Corporation 21.12.2009 44,0MB 14.0.8089.0726
Windows Live-Uploadtool Microsoft Corporation 21.12.2009 0,22MB 14.0.8014.1029
Windows-Treiberpaket - Leaf Imaging Ltd. Image (02/11/2010 ) Leaf Imaging Ltd. 12.07.2011 10.362MB 02/11/2010
WinRAR 12.05.2010 3,78MB so, das wars erstmal.
Vielen Dank soweit!
Gruß,
Philipp |