Trojaner-Board - "50 Euro Virus" Schwarzer Bildschirm Zahlung

OTL Logfile:

Code:

OTL logfile created on: 12.02.2012 19:32:56 - Run 1

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\moritz\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,80 Gb Total Physical Memory | 3,20 Gb Available Physical Memory | 84,22% Memory free

7,60 Gb Paging File | 7,03 Gb Available in Paging File | 92,50% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 281,98 Gb Total Space | 176,79 Gb Free Space | 62,69% Space Free | Partition Type: NTFS

Drive D: | 15,82 Gb Total Space | 2,28 Gb Free Space | 14,42% Space Free | Partition Type: NTFS

Drive E: | 6,42 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

 

Computer Name: MORITZ-HP | User Name: moritz | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.02.12 19:30:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\moritz\Desktop\OTL.exe

PRC - [2009.07.14 02:14:47 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

 

 
 ========== Modules (No Company Name) ==========

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2010.06.22 06:57:44 | 000,203,264 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2010.06.18 15:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)

SRV:64bit: - [2010.06.17 14:54:20 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Stopped] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)

SRV - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)

SRV - [2011.07.01 11:03:16 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.05.01 11:43:18 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.02.04 16:32:02 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)

SRV - [2010.10.12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

SRV - [2010.07.02 10:51:16 | 000,027,192 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)

SRV - [2010.04.13 08:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)

SRV - [2010.03.18 20:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)

SRV - [2010.03.18 20:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)

SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.11.18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008.11.09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011.07.01 11:03:17 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2011.07.01 11:03:17 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010.10.12 19:46:13 | 003,063,360 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2010.06.22 08:17:52 | 006,856,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010.06.22 06:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)

DRV:64bit: - [2010.06.22 06:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2010.06.22 06:24:12 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010.05.31 20:46:50 | 000,333,928 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2010.05.06 14:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2010.04.16 04:26:28 | 000,319,536 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010.04.13 08:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010.02.27 01:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)

DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)

DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)

DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)

DRV:64bit: - [2009.06.10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)

DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)

DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV - [2009.09.23 02:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

IE - HKLM\..\URLSearchHook: {0f369707-379f-46df-a5c5-d04390f3459b} - C:\Program Files (x86)\Funload.de\tbFunl.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\..\URLSearchHook: {0f369707-379f-46df-a5c5-d04390f3459b} - C:\Program Files (x86)\Funload.de\tbFunl.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - No CLSID value found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 10.128.9.30:80

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\moritz\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\moritz\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\moritz\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\moritz\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\Firefox [2010.10.12 20:09:54 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files (x86)\AutocompletePro\support@predictad.com [2011.05.08 20:48:10 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.08.22 20:06:04 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.1.0\FF [2011.03.09 12:59:21 | 000,000,000 | ---D | M]

 

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\11.0.696.68\pdf.dll

CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\11.0.696.68\gears.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\11.0.696.68\gcswf32.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll

CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: Babylon Chrome OCR = C:\Users\moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\

 

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O2 - BHO: (Funload.de Toolbar) - {0f369707-379f-46df-a5c5-d04390f3459b} - C:\Program Files (x86)\Funload.de\tbFunl.dll (Conduit Ltd.)

O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (SimplyGen)

O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)

O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)

O2 - BHO: (Surf Canyon Search Engine Assistant) - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)

O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)

O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Funload.de Toolbar) - {0f369707-379f-46df-a5c5-d04390f3459b} - C:\Program Files (x86)\Funload.de\tbFunl.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)

O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Funload.de Toolbar) - {0F369707-379F-46DF-A5C5-D04390F3459B} - C:\Program Files (x86)\Funload.de\tbFunl.dll (Conduit Ltd.)

O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)

O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (Microsoft Corp.)

O4 - HKLM..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)

O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)

O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()

O4 - HKCU..\Run: [Spiele Post] C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe (Intenium)

O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\moritz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\moritz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Users\moritz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\moritz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://incredimailintl.oberon-media.com/online/online2/luxor_amun_rising/mjolauncher.cab (MJLauncherCtrl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab (P3DActiveX Control)

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B192037-315D-4CE9-A2A6-D1C910021E25}: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18:64bit: - Protocol\Filter\text/xml - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

 

 

CREATERESTOREPOINT

Error creating restore point.

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.02.12 19:30:35 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\moritz\Desktop\OTL.exe

[2012.02.12 19:18:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery

[2012.02.12 19:11:11 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Roaming\Malwarebytes

[2012.02.12 19:10:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.02.12 19:10:58 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.02.12 19:10:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.02.12 19:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.02.12 19:06:54 | 009,502,424 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\moritz\Desktop\mbam-setup-1.60.1.1000.exe

[2012.02.12 16:41:35 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{9CE2835F-9B82-4A5A-B3AB-4FE4F0934152}

[2012.02.12 16:41:13 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{359B0BC5-52EB-4E7E-9612-D5004CD7D7AF}

[2012.02.12 10:33:26 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\ElevatedDiagnostics

[2012.02.12 00:04:21 | 000,000,000 | ---D | C] -- C:\Users\moritz\Desktop\PyWright_0.986.win

[2012.02.11 23:20:11 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\Mozilla

[2012.02.11 23:18:36 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{A032FD51-3724-40F5-8A1D-3785815E51FB}

[2012.02.11 23:18:12 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{803653D4-CF67-40DE-B72E-953C2E278FC0}

[2012.02.11 20:06:29 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{6716659C-81F1-47DC-8589-085AD52B5664}

[2012.02.11 19:07:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enterbrain

[2012.02.11 18:26:32 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{03C46F58-8CA4-42D9-B1DB-33C42AF73972}

[2012.02.06 17:02:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Enterbrain

[2012.02.04 21:51:26 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{8983BE32-CC1F-4048-A38E-8EECA4DB1088}

[2012.02.04 21:51:14 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{D76FC037-34F6-4D27-8CA9-A90F395B61D2}

[2012.02.04 11:31:53 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{EE99C28F-93ED-4408-95E2-73BC549271B6}

[2012.01.30 11:23:32 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{725671C7-FBBF-45CC-BF76-CE20ADD176D6}

[2012.01.29 23:22:17 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{A3496F47-01DF-4B2F-98C9-12B6FB4DD6F9}

[2012.01.29 23:21:54 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{0A8D56F4-5E5E-49CA-85B2-80C8D6EEAA25}

[2012.01.29 11:21:27 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{9BFFD57F-9B89-4120-9C3F-6E393BF8442B}

[2012.01.28 23:20:49 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{40533603-6C53-44A6-8485-4BDDBB94A69A}

[2012.01.28 23:20:23 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{D7FEED8B-8AAD-469D-B4CA-1D22DC52D0E7}

[2012.01.28 11:19:24 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{49790156-85A2-4154-9660-C1D019208EE9}

[2012.01.27 15:29:50 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{25B24589-7240-4B6C-AD6D-077C33772588}

[2012.01.27 15:29:28 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{68E20E58-7D4D-4F03-BE8C-714594917AC8}

[2012.01.26 13:36:15 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{421817B3-2BCF-4387-AE15-2F425920D1B5}

[2012.01.26 13:35:57 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{74830445-3211-47CE-89B5-EE15FD0E59FD}

[2012.01.25 15:23:49 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{4D0CD956-49AE-429E-B8F9-83BDEFB3900A}

[2012.01.25 15:23:38 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{AF84EBA6-20CD-4172-B0A2-BD86B05E2DD3}

[2012.01.24 15:27:20 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{46B4FB9B-DED8-49B3-B4D0-C99D60FD5CA9}

[2012.01.24 15:27:00 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{0A69F867-1825-4FD6-8AB0-524BE4B000DC}

[2012.01.23 12:11:09 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{FB674CB2-491B-4D4B-A8BE-328CCC142766}

[2012.01.23 12:10:58 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Roaming\Mozilla

[2012.01.22 20:35:57 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{A366B1CE-6F0C-4E09-B241-B62700021D25}

[2012.01.22 20:35:45 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{A7C614B7-21BC-4D55-96FF-DEAA95206CDD}

[2012.01.19 17:03:31 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{CF50EDDD-68FF-4031-8DDE-CE18376566B7}

[2012.01.19 17:03:16 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{DEB49F17-9034-4D36-A475-8CE02CC03BFF}

[2012.01.18 14:16:25 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{2799C4C7-23C0-40A1-B92E-48D4EDA406AA}

[2012.01.18 14:16:13 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{2FB1CE89-51A8-4244-AEA5-98A6DA433652}

[2012.01.17 20:03:51 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{F422E473-2BF8-4012-9D50-C4525C521F74}

[2012.01.17 20:03:38 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{A6EF8286-1B80-4AF9-A326-2F9851ACCFEE}

[2012.01.16 15:26:29 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{9ECA4EF5-61A4-4CE0-AC53-68FDAA6A4ABF}

[2012.01.16 15:26:18 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{3B9C5363-956C-4A36-8437-A19EC8A1EA57}

[2012.01.15 11:33:14 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{FEE2A7AA-69ED-4AD4-93FE-ADF38078423A}

[2012.01.15 11:33:01 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{49030311-06C3-4159-B56D-5B5FF46EB1E6}

[2012.01.14 11:30:56 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{47A2C6B2-61CD-429A-BF03-3FF189A86DA6}

[2012.01.14 11:30:44 | 000,000,000 | ---D | C] -- C:\Users\moritz\AppData\Local\{E28D3113-8587-4245-83DC-538D0BB03002}

[1 C:\Users\moritz\*.tmp files -> C:\Users\moritz\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.02.12 19:30:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\moritz\Desktop\OTL.exe

[2012.02.12 19:26:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.02.12 19:26:36 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys

[2012.02.12 19:10:59 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.02.12 19:06:56 | 009,502,424 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\moritz\Desktop\mbam-setup-1.60.1.1000.exe

[2012.02.12 17:48:04 | 163,736,236 | ---- | M] () -- C:\Users\moritz\Desktop\PyWright_0.986.win.zip

[2012.02.12 17:37:56 | 000,000,355 | ---- | M] () -- C:\Users\moritz\Desktop\Netzwerk - Verknüpfung.lnk

[2012.02.12 11:25:52 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter64-moritz-Notification.job

[2012.02.12 11:25:48 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\Free File Viewer Update Checker.job

[2012.02.12 11:25:47 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.02.12 11:25:45 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter64-moritz-Startup.job

[2012.02.12 00:09:37 | 023,946,962 | ---- | M] () -- C:\Users\moritz\Desktop\desmume-0.9.7-win32.zip

[2012.02.11 23:22:06 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.02.11 23:22:06 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.02.11 22:46:34 | 000,002,683 | ---- | M] () -- C:\Users\moritz\Desktop\vba.ini

[2012.02.11 22:08:10 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3444801107-2841172036-1618320042-1001UA.job

[2012.02.11 22:08:10 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.02.11 19:31:12 | 000,065,536 | ---- | M] () -- C:\Users\moritz\Desktop\r_Layton_and_the_Last_Specter__PATCHED___USA_.sav

[2012.02.11 18:46:14 | 000,314,421 | ---- | M] () -- C:\Users\moritz\Desktop\ideas1038.zip

[2012.02.11 18:08:01 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3444801107-2841172036-1618320042-1001Core.job

[2012.01.29 22:32:06 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFormoritz.job

[2012.01.26 20:39:11 | 000,001,854 | ---- | M] () -- C:\Users\moritz\AppData\Roaming\GhostObjGAFix.xml

[1 C:\Users\moritz\*.tmp files -> C:\Users\moritz\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.02.12 19:10:59 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.02.12 17:37:56 | 000,000,355 | ---- | C] () -- C:\Users\moritz\Desktop\Netzwerk - Verknüpfung.lnk

[2012.02.12 00:02:30 | 163,736,236 | ---- | C] () -- C:\Users\moritz\Desktop\PyWright_0.986.win.zip

[2012.02.11 19:07:06 | 000,002,523 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker XP.lnk

[2011.09.15 12:20:59 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE

[2011.09.15 12:20:59 | 000,006,067 | ---- | C] () -- C:\Windows\UNWISE.INI

[2011.08.11 15:07:05 | 000,001,854 | ---- | C] () -- C:\Users\moritz\AppData\Roaming\GhostObjGAFix.xml

[2011.05.28 13:53:21 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll

[2011.05.25 15:25:36 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll

[2011.05.20 16:41:03 | 000,000,000 | ---- | C] () -- C:\Users\moritz\AppData\Local\{C31F3BBD-F31B-47D0-BA2E-17FA1C9EF689}

[2011.03.23 16:45:45 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI

[2010.10.12 19:55:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2010.10.12 19:54:07 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat

[2010.10.12 19:45:40 | 000,000,268 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini

[2010.10.12 19:45:40 | 000,000,209 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

[2010.10.12 19:43:42 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2010.07.20 16:11:18 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini

[2010.07.20 15:21:56 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat

[2010.07.20 13:42:49 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\HP Documentation.ini

[2010.06.22 06:28:32 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin

[2010.06.22 06:28:32 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll

[2010.06.22 06:28:32 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll

[2010.06.22 06:28:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin

[2010.06.22 06:28:32 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin

[2010.06.10 03:35:06 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2010.02.09 17:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL

[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 22:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin

[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2005.08.30 00:00:00 | 000,781,312 | ---- | C] () -- C:\Windows\SysWow64\RGSS102J.dll

[2005.08.30 00:00:00 | 000,778,752 | ---- | C] () -- C:\Windows\SysWow64\RGSS102E.dll

[2005.08.30 00:00:00 | 000,771,584 | ---- | C] () -- C:\Windows\SysWow64\RGSS100J.dll

[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

 
 ========== LOP Check ==========

 

[2011.05.28 13:53:49 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\Atari

[2011.10.24 16:13:12 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\ChessBase

[2011.12.22 18:43:57 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\dingogames

[2011.06.17 19:35:39 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\DisneyInteractiveStudios

[2011.05.09 15:57:42 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\DVDVideoSoft

[2011.05.09 15:51:43 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.04.14 11:37:16 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\EscapeTheMuseum2

[2011.12.12 16:07:21 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\Fighters

[2011.04.20 10:16:15 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\FloodLightGames

[2012.02.12 19:08:24 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\FreeFileViewer

[2011.04.01 15:49:45 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\FriendsGamesNetwork

[2011.02.05 13:15:51 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\funkitron

[2011.05.08 20:50:20 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\Get from YouTube

[2011.02.22 19:22:13 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\GetRightToGo

[2012.02.12 10:24:33 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\go

[2011.05.10 19:30:36 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\Import Audio from Video

[2011.02.22 19:22:42 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\iWin

[2011.01.29 12:20:18 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\Juniper Networks

[2011.04.14 16:25:36 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\MumboJumbo

[2011.05.10 19:36:43 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\Music Editor Free

[2011.12.23 13:55:41 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\PlayFirst

[2011.02.22 16:51:37 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\Playrix Entertainment

[2011.02.26 15:25:20 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\ScreenSeven

[2011.09.14 14:07:48 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\TeamViewer

[2011.01.09 17:10:45 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\Tific

[2011.09.26 14:53:48 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\YoudaGames

[2011.03.21 12:42:47 | 000,000,000 | ---D | M] -- C:\Users\moritz\AppData\Roaming\_MDLogs

[2012.02.12 11:25:48 | 000,000,404 | ---- | M] () -- C:\Windows\Tasks\Free File Viewer Update Checker.job

[2011.11.25 15:23:28 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2012.02.12 11:25:52 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\SLOW-PCfighter64-moritz-Notification.job

[2012.02.12 11:25:45 | 000,000,362 | ---- | M] () -- C:\Windows\Tasks\SLOW-PCfighter64-moritz-Startup.job

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %SYSTEMDRIVE%\*. >

[2011.03.27 18:47:53 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin

[2011.08.27 19:53:38 | 000,000,000 | ---D | M] -- C:\.jagex_cache_32

[2011.01.21 23:24:53 | 000,000,000 | ---D | M] -- C:\05b8f1a8208571fc5c0c220f3153

[2011.01.22 08:03:26 | 000,000,000 | ---D | M] -- C:\66af2071bba1b029aedf0004b1ab74

[2011.12.23 10:34:24 | 000,000,000 | ---D | M] -- C:\BigFishGamesCache

[2011.12.24 13:50:02 | 000,000,000 | ---D | M] -- C:\Boonty

[2010.07.21 02:27:46 | 000,000,000 | -HSD | M] -- C:\boot

[2012.02.11 19:07:06 | 000,000,000 | -HSD | M] -- C:\Config.Msi

[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings

[2011.01.09 14:28:14 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen

[2011.03.23 16:32:42 | 000,000,000 | ---D | M] -- C:\dst

[2011.06.18 14:37:49 | 000,000,000 | ---D | M] -- C:\e08d751d7977cc3bf3

[2011.12.23 16:36:14 | 000,000,000 | ---D | M] -- C:\GameHouse Games

[2010.10.12 20:10:30 | 000,000,000 | -H-D | M] -- C:\HP

[2010.10.12 20:20:24 | 000,000,000 | ---D | M] -- C:\Intel

[2011.06.22 14:21:47 | 000,000,000 | ---D | M] -- C:\midi

[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs

[2011.11.06 21:16:25 | 000,000,000 | R--D | M] -- C:\Program Files

[2012.02.12 19:10:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)

[2012.02.12 19:10:58 | 000,000,000 | -H-D | M] -- C:\ProgramData

[2011.01.09 14:28:14 | 000,000,000 | -HSD | M] -- C:\Programme

[2011.01.09 14:29:42 | 000,000,000 | -HSD | M] -- C:\Recovery

[2011.03.17 19:59:56 | 000,000,000 | ---D | M] -- C:\SwSetup

[2012.02.12 19:08:32 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2011.01.09 14:29:46 | 000,000,000 | -H-D | M] -- C:\SYSTEM.SAV

[2011.05.08 20:54:30 | 000,000,000 | ---D | M] -- C:\temp

[2011.02.26 16:43:59 | 000,000,000 | ---D | M] -- C:\Terzio

[2011.01.09 14:28:20 | 000,000,000 | R--D | M] -- C:\Users

[2012.02.12 19:08:24 | 000,000,000 | ---D | M] -- C:\Windows

[2011.04.22 14:30:44 | 000,000,000 | ---D | M] -- C:\Zylom Games

 
 < %PROGRAMFILES%\*.exe >

 
 < %LOCALAPPDATA%\*.exe >

 
 < %systemroot%\*. /mp /s >

 

 
 < MD5 for: EXPLORER.EXE  >

[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe

[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe

[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe

[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe

[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe

[2010.07.20 22:54:35 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe

[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe

[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe

[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe

[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe

[2010.07.20 22:50:18 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe

[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe

[2010.07.20 22:54:35 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe

[2010.07.20 22:50:18 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe

[2010.07.20 22:54:35 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe

[2010.07.20 22:50:18 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe

[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

[2010.07.20 22:54:35 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe

[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

[2010.07.20 22:50:18 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

 
 < MD5 for: REGEDIT.EXE  >

[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe

[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe

[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe

[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

 
 < MD5 for: USERINIT.EXE  >

[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe

[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe

[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe

[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2010.07.20 22:54:35 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2010.07.20 22:54:35 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe

[2010.07.20 22:54:35 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

 
 < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 
 < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

 
 <           >

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:DB77E2C4

@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:1DEE6B65

@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:6493C4DC

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:052E15C3
 

< End of report >

--- --- ---

OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 12.02.2012 19:32:56 - Run 1

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\moritz\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,80 Gb Total Physical Memory | 3,20 Gb Available Physical Memory | 84,22% Memory free

7,60 Gb Paging File | 7,03 Gb Available in Paging File | 92,50% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 281,98 Gb Total Space | 176,79 Gb Free Space | 62,69% Space Free | Partition Type: NTFS

Drive D: | 15,82 Gb Total Space | 2,28 Gb Free Space | 14,42% Space Free | Partition Type: NTFS

Drive E: | 6,42 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

 

Computer Name: MORITZ-HP | User Name: moritz | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1795BAA8-65EC-66D0-9DA4-D4B1FBE7700E}" = ATI Catalyst Install Manager

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes

"{B601929F-3A47-4F37-8D1E-EAD1481BE5EA}" = ccc-utility64

"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources

"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{E342EC6B-5F25-47FE-B92C-DE616149B430}" = HP Wireless Assistant

"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour

"{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}" = RtVOsd

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{F6FCC591-A21B-47C7-BCB3-F535FBA210E2}" = SLOW-PCfighter

"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"SLOW-PCfighter" = SLOW-PCfighter

"SynTPDeinstKey" = Synaptics Pointing Device Driver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01E73CF7-3B8E-49F6-B09C-3FB122B3938A}" = HP Software Framework

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{02FC8489-58FB-2628-768A-2CE172A37D7D}" = Catalyst Control Center Graphics Previews Common

"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements

"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar

"{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant

"{08F1513E-2113-06C5-583A-FB1DE0E64AE6}" = CCC Help Chinese Standard

"{09801D34-8DE8-406A-BFD7-747AF74F5E6E}" = WhiteBoardMeeting

"{0AB910A1-042A-D781-3779-2A4DC383BF0F}" = CCC Help Czech

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0D619D56-854C-F5D1-A134-4EB72974E09E}" = CCC Help Thai

"{144AAC2E-410C-6F23-5EC4-CB96049DD1D4}" = CCC Help Finnish

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1AF5A6D6-266D-9A24-D13A-5A50B2182645}" = CCC Help Norwegian

"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{20EA84D4-6CB0-4FEA-8B6C-DC816CA7385F}" = Harry Potter und der Halbblut-Prinz™ Demo

"{222A544B-E6B7-496F-B4D7-6FE74FF0E616}" = Bing Bar Platform

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2A54B824-C32C-A931-17CB-A74B54E28AAE}" = CCC Help Spanish

"{2BED1172-6F40-1090-C681-26FEEF383E14}" = ccc-core-static

"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support

"{2F1E1F4D-B5CC-CA5D-2035-3A464BB053C3}" = CCC Help English

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{3234355B-963B-99FE-EECA-8A034781AF15}" = CCC Help Polish

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7

"{3C302D80-4540-BA36-7167-8B59EC0BB9F4}" = CCC Help Korean

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor

"{41136F4A-3C71-7F9F-7ECA-4E2C2D6C216F}" = CCC Help Dutch

"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager

"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager

"{4D66BBCA-8E0A-5FF3-4206-3BEA432FB1E9}" = CCC Help Turkish

"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion

"{52D59644-B08F-492E-BB68-1F0AE25ADFBB}" = Ich sehe was ... die große Schatzsuche

"{543F949F-2B95-448F-9F2E-56F0C5FF8E2C}" = Catalyst Control Center - Branding

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{668B80AF-D98F-42FC-8EE1-36252B03C5C9}_is1" = MIDI4all

"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library

"{66E2396F-1392-BECA-37D7-6C4AECED9668}" = CCC Help Russian

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7E918D75-2600-0674-ADC2-4722D7F37018}" = CCC Help Italian

"{82414541-9562-5992-5955-399710303544}" = Gardenscapes

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3

"{917C79E9-9E4E-11D6-B27C-0003FFFFFFFC}" = Fritz und Fertig

"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C632E6D-C984-75B8-DE46-8E495E179314}" = CCC Help Portuguese

"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A1A5DA17-C6A6-897E-2EBB-8BACE074FA10}" = CCC Help Swedish

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A5EFB5BD-5B8C-813B-711E-4C068721281F}" = CCC Help Danish

"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9

"{A85568D7-A01E-4E05-AFEE-4A1852D70281}" = LEGO® Pirates of the Caribbean Das Videospiel DEMO

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3 MUI

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{B0B3A2CE-C337-E33B-F24E-A8BDCA644D03}" = Catalyst Control Center Localization All

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B360E24A-BF25-4353-AA79-1B54F509024A}" = HP Documentation

"{B635B0A0-8C8B-4492-E54A-85CA5DC5CAC2}" = CCC Help Japanese

"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager

"{BAB3C6F6-8C54-BFE0-A570-1E471ACE00B5}" = Catalyst Control Center Graphics Previews Vista

"{BB9344E4-C629-7E36-6248-EAF3F7AFCB95}" = CCC Help Chinese Traditional

"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo

"{BFF2D920-80F2-46E9-8246-79A20BB9D8B2}" = Crazy Machines - Neues aus dem Labor

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CCF13D13-A87B-34E8-B689-1896D0C2DBA2}" = Google Talk Plugin

"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D45DB0E4-E813-1584-9670-ADF85214596E}" = CCC Help French

"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser

"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver

"{D952A9F5-E24D-4264-86B7-79160E361EE8}" = Fritz7

"{DB15EA7D-B263-1B9B-0C3E-25BE7D15C551}" = PX Profile Update

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E9AF8776-5533-47A0-B75C-6AF391285EEB}" = Youda Legend 2

"{EE07C46F-278A-412C-4687-54963CBC5862}" = CCC Help Hungarian

"{EFD35B3A-0296-864F-C78F-910CD41B1C32}" = CCC Help Greek

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F3E31016-0901-40D7-820C-D178A4C583AA}" = Youda Legend - The Curseof the Amsterdam Diamond

"{F8504F00-2C61-0FA1-8E17-AADA786A164F}" = CCC Help German

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{F972403C-BFE4-49EB-82B8-10D0FDBD1BB1}" = VirtualDJ Home FREE

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FE363238-928A-113D-0318-4F7CEBB88715}" = Catalyst Control Center InstallProxy

"00e1b559ced624f1a3ef930630c2d865" = Farmscapes(TM) Premium Edition

"02f682c9e4e43365877ea59acf3d6da7" = Royal Trouble

"12389d0863a0588ade0a083ab5270573" = Plants vs. Zombies(TM)

"7 Wonders II" = 7 Wonders II

"8ba0281c26cce311ea8876194c2cca4b" = LUXOR 5th Passage

"94a888f0cc14f46f31dbe64760d265e3" = Gardenscapes(TM)

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"am-tastyplanetbackforseconds" = Tasty Planet - Back for Seconds

"AutocompletePro2_is1" = AutocompletePro

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"BabylonToolbar" = Babylon toolbar

"Beetle Ju 2 VOLLVERSION" = Beetle Ju 2 VOLLVERSION

"BFGC" = Big Fish Games: Game Manager

"BFG-Tasty Planet" = Tasty Planet

"BFG-Youda Legend - Der goldene Paradiesvogel" = Youda Legend: Der goldene Paradiesvogel

"BFG-Youda Legend - The Curse of the Amsterdam Diamond" = Youda Legend: The Curse of the Amsterdam Diamond

"Bird’s Town" = Bird’s Town

"Click MusicalKEYS_is1" = Click MusicalKEYS 3.0.214

"conduitEngine" = Conduit Engine

"d98f52976e41632129699108bd8e3418" = Escape the Museum 2

"DEUTSCHLAND SPIELT Spiele Post" = DEUTSCHLAND SPIELT Spiele Post

"Die Garten-Attacke" = Die Garten-Attacke

"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER

"EasyBits Magic Desktop" = Magic Desktop

"Forte Standard" = Forte Standard 2.0

"Free Studio_is1" = Free Studio version 5.0.9

"FreeFileViewer_is1" = Free File Viewer 2011

"Funload.de Toolbar" = Funload.de Toolbar

"Gardenscapes_is1" = Gardenscapes

"Garten-Glück" = Garten-Glück

"GeoGebra" = GeoGebra

"Gold Miner Vegas" = Gold Miner Vegas (remove only)

"Google Chrome" = Google Chrome

"IncrediMail_MediaBar_2 Toolbar" = IncrediMail MediaBar 2 Toolbar

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!

"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control

"Luxor 3" = Luxor 3

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000

"Music Editor Free" = Music Editor Free

"Peggle Deluxe 1.03" = Peggle Deluxe 1.03

"Peggle Nights Deluxe 1.0.3.5802" = Peggle Nights Deluxe 1.0.3.5802

"Pflanzen gegen Zombies" = Pflanzen gegen Zombies

"Plants vs. Zombies" = Plants vs. Zombies

"PriceGong" = PriceGong 2.1.0

"Royal Trouble" = Royal Trouble

"Siebenstein 2" = Siebenstein 2

"Surf Canyon" = Surf Canyon Search Engine Assistant

"Tasty Planet" = Tasty Planet

"Tasty Planet - Back for Seconds" = Tasty Planet - Back for Seconds

"Tasty Planet Free Trial_is1" = Tasty Planet Free Trial

"Tasty Planet_is1" = Tasty Planet de

"TeamViewer 6" = TeamViewer 6

"Trusted Software Assistant_is1" = File Type Assistant

"Uninstall_is1" = Uninstall 1.0.0.1

"Vampirjagd" = Vampirjagd

"WildTangent hp Master Uninstall" = HP Games

"WinLiveSuite" = Windows Live Essentials

"Winload Toolbar" = Winload Toolbar

"WinRAR archiver" = WinRAR 4.00 (32-Bit)

"WT087361" = FATE

"WT087380" = John Deere Drive Green

"WT087394" = Penguins!

"WT087396" = Polar Bowler

"WT087420" = Agatha Christie - Death on the Nile

"WT087428" = Bejeweled 2 Deluxe

"WT087453" = Chuzzle Deluxe

"WT087480" = Insaniquarium Deluxe

"WT087485" = Jewel Quest II

"WT087490" = Jewel Quest Solitaire

"WT087501" = Plants vs. Zombies

"WT087510" = Slingo Deluxe

"WT087513" = Virtual Villagers - The Secret City

"WT087519" = Wedding Dash

"WT087533" = Zuma Deluxe

"WT087536" = Diner Dash 2 Restaurant Rescue

"Yahoo! Companion" = Yahoo! Toolbar

"Yahoo! Software Update" = Yahoo! Software Update

"Youda Legend" = Youda Legend

"Youda Legend the Golden Bird of Paradise_is1" = Youda Legend the Golden Bird of Paradise de

"Youda Legend: Der Goldene Paradiesvogel" = Youda Legend: Der Goldene Paradiesvogel

"Youda Survivor" = Youda Survivor

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Game Organizer" = EasyBits GO

"Juniper_Setup_Client" = Juniper Networks Setup Client

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 06.02.2012 15:18:33 | Computer Name = moritz-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 72213

 

Error - 06.02.2012 15:18:34 | Computer Name = moritz-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 06.02.2012 15:18:34 | Computer Name = moritz-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 73227

 

Error - 06.02.2012 15:18:34 | Computer Name = moritz-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 73227

 

Error - 06.02.2012 15:18:35 | Computer Name = moritz-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 06.02.2012 15:18:35 | Computer Name = moritz-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 74225

 

Error - 06.02.2012 15:18:35 | Computer Name = moritz-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 74225

 

Error - 06.02.2012 15:18:36 | Computer Name = moritz-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 06.02.2012 15:18:36 | Computer Name = moritz-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 75239

 

Error - 06.02.2012 15:18:36 | Computer Name = moritz-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 75239

 

[ Hewlett-Packard Events ]

Error - 03.05.2011 13:25:44 | Computer Name = moritz-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051103072526.xml

 File not created by asset agent

 

Error - 11.08.2011 10:07:04 | Computer Name = moritz-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081111040646.xml

 File not created by asset agent

 

Error - 17.10.2011 13:04:52 | Computer Name = moritz-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101117070434.xml

 File not created by asset agent

 

Error - 08.11.2011 10:44:40 | Computer Name = moritz-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\111108100732.xml

 File not created by asset agent

 

Error - 02.01.2012 12:22:35 | Computer Name = moritz-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011202052215.xml

 File not created by asset agent

 

Error - 09.01.2012 12:56:15 | Computer Name = moritz-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011209055612.xml

 File not created by asset agent

 

Error - 16.01.2012 12:48:23 | Computer Name = moritz-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011216054819.xml

 File not created by asset agent

 

Error - 26.01.2012 15:39:05 | Computer Name = moritz-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011226083858.xml

 File not created by asset agent

 

[ HP Wireless Assistant Events ]

Error - 09.01.2011 12:03:50 | Computer Name = moritz-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht

 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object

 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean

 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 

System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei

 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

 

Error - 09.01.2011 12:04:58 | Computer Name = moritz-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht

 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object

 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean

 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 

System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei

 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

 

Error - 09.01.2011 12:06:06 | Computer Name = moritz-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht

 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object

 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean

 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 

System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei

 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

 

Error - 09.01.2011 12:07:13 | Computer Name = moritz-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht

 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object

 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean

 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 

System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei

 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

 

Error - 09.01.2011 12:08:21 | Computer Name = moritz-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht

 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object

 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean

 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 

System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei

 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

 

Error - 09.01.2011 12:09:26 | Computer Name = moritz-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht

 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object

 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean

 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 

System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei

 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

 

Error - 09.01.2011 12:10:34 | Computer Name = moritz-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht

 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object

 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean

 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 

System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei

 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

 

Error - 09.01.2011 12:11:42 | Computer Name = moritz-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht

 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object

 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean

 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 

System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei

 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

 

Error - 19.08.2011 09:44:30 | Computer Name = moritz-HP | Source = HP WA Application | ID = 0

Description = HardwareAccess.UnableToConnectException Application.ApplicationStartup;

 failed to create hardware layer Fehler in der Anwendung.    bei HardwareAccess.Hardware..ctor(Dispatcher

 dispatcher, ServicePort port, Int32 timeout)     bei HardwareAccess.Hardware.Create(Dispatcher

 dispatcher, ServicePort port, Int32 timeout)     bei HPWA_Main.App.ApplicationStartup(Object

 sender, StartupEventArgs args)

 

Error - 19.08.2011 09:44:32 | Computer Name = moritz-HP | Source = HP WA Application | ID = 0

Description = MainWindow.ShowImpl; not initialized, closing application...

 

[ Media Center Events ]

Error - 20.04.2011 05:05:12 | Computer Name = moritz-HP | Source = MCUpdate | ID = 0

Description = 11:05:12 - Fehler beim Herstellen der Internetverbindung.  11:05:12 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 20.04.2011 05:05:18 | Computer Name = moritz-HP | Source = MCUpdate | ID = 0

Description = 11:05:17 - Fehler beim Herstellen der Internetverbindung.  11:05:17 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 20.04.2011 06:05:28 | Computer Name = moritz-HP | Source = MCUpdate | ID = 0

Description = 12:05:28 - Fehler beim Herstellen der Internetverbindung.  12:05:28 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 20.04.2011 06:05:38 | Computer Name = moritz-HP | Source = MCUpdate | ID = 0

Description = 12:05:33 - Fehler beim Herstellen der Internetverbindung.  12:05:33 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 11.02.2012 15:10:04 | Computer Name = moritz-HP | Source = MCUpdate | ID = 0

Description = 20:10:04 - Fehler beim Herstellen der Internetverbindung.  20:10:04 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 11.02.2012 15:10:11 | Computer Name = moritz-HP | Source = MCUpdate | ID = 0

Description = 20:10:09 - Fehler beim Herstellen der Internetverbindung.  20:10:09 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 11.02.2012 16:10:17 | Computer Name = moritz-HP | Source = MCUpdate | ID = 0

Description = 21:10:17 - Fehler beim Herstellen der Internetverbindung.  21:10:17 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 11.02.2012 16:10:23 | Computer Name = moritz-HP | Source = MCUpdate | ID = 0

Description = 21:10:22 - Fehler beim Herstellen der Internetverbindung.  21:10:22 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 11.02.2012 17:10:28 | Computer Name = moritz-HP | Source = MCUpdate | ID = 0

Description = 22:10:28 - Fehler beim Herstellen der Internetverbindung.  22:10:28 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 11.02.2012 17:10:34 | Computer Name = moritz-HP | Source = MCUpdate | ID = 0

Description = 22:10:33 - Fehler beim Herstellen der Internetverbindung.  22:10:33 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 12.02.2012 14:40:40 | Computer Name = moritz-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = Das System ist aufgrund eines kritischen thermischen Ereignisses in

 den Ruhezustand gewechselt.  Zeit für den Ruhezustand = 2012-02-12T18:40:40.786395800Z
 

              ACPI-Thermozone = ACPI\ThermalZone\TSZ0                _HOT = 369K

 

Error - 12.02.2012 14:40:42 | Computer Name = moritz-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = Das System ist aufgrund eines kritischen thermischen Ereignisses in

 den Ruhezustand gewechselt.  Zeit für den Ruhezustand = 2012-02-12T18:40:42.299598400Z
 

              ACPI-Thermozone = ACPI\ThermalZone\TSZ0                _HOT = 369K

 

Error - 12.02.2012 14:40:50 | Computer Name = moritz-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = Das System ist aufgrund eines kritischen thermischen Ereignisses in

 den Ruhezustand gewechselt.  Zeit für den Ruhezustand = 2012-02-12T18:40:50.770413300Z
 

              ACPI-Thermozone = ACPI\ThermalZone\TSZ0                _HOT = 369K

 

Error - 12.02.2012 14:40:52 | Computer Name = moritz-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = Das System ist aufgrund eines kritischen thermischen Ereignisses in

 den Ruhezustand gewechselt.  Zeit für den Ruhezustand = 2012-02-12T18:40:52.283616000Z
 

              ACPI-Thermozone = ACPI\ThermalZone\TSZ0                _HOT = 369K

 

Error - 12.02.2012 14:41:00 | Computer Name = moritz-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = Das System ist aufgrund eines kritischen thermischen Ereignisses in

 den Ruhezustand gewechselt.  Zeit für den Ruhezustand = 2012-02-12T18:41:00.754430900Z
 

              ACPI-Thermozone = ACPI\ThermalZone\TSZ0                _HOT = 369K

 

Error - 12.02.2012 14:41:02 | Computer Name = moritz-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = Das System ist aufgrund eines kritischen thermischen Ereignisses in

 den Ruhezustand gewechselt.  Zeit für den Ruhezustand = 2012-02-12T18:41:02.267633500Z
 

              ACPI-Thermozone = ACPI\ThermalZone\TSZ0                _HOT = 369K

 

Error - 12.02.2012 14:41:10 | Computer Name = moritz-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = Das System ist aufgrund eines kritischen thermischen Ereignisses in

 den Ruhezustand gewechselt.  Zeit für den Ruhezustand = 2012-02-12T18:41:10.722848400Z
 

              ACPI-Thermozone = ACPI\ThermalZone\TSZ0                _HOT = 369K

 

Error - 12.02.2012 14:41:12 | Computer Name = moritz-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = Das System ist aufgrund eines kritischen thermischen Ereignisses in

 den Ruhezustand gewechselt.  Zeit für den Ruhezustand = 2012-02-12T18:41:12.236051000Z
 

              ACPI-Thermozone = ACPI\ThermalZone\TSZ0                _HOT = 369K

 

Error - 12.02.2012 14:41:20 | Computer Name = moritz-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = Das System ist aufgrund eines kritischen thermischen Ereignisses in

 den Ruhezustand gewechselt.  Zeit für den Ruhezustand = 2012-02-12T18:41:20.706865900Z
 

              ACPI-Thermozone = ACPI\ThermalZone\TSZ0                _HOT = 369K

 

Error - 12.02.2012 14:41:22 | Computer Name = moritz-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = Das System ist aufgrund eines kritischen thermischen Ereignisses in

 den Ruhezustand gewechselt.  Zeit für den Ruhezustand = 2012-02-12T18:41:22.220068600Z
 

              ACPI-Thermozone = ACPI\ThermalZone\TSZ0                _HOT = 369K

 

 

< End of report >

--- --- ---