ioanalucky | 03.03.2012 01:50 | Code:
OTL logfile created on: 03.03.2012 00:46:12 - Run 1
OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\Princess\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 75,54% Memory free
7,18 Gb Paging File | 6,56 Gb Available in Paging File | 91,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,29 Gb Total Space | 12,34 Gb Free Space | 10,61% Space Free | Partition Type: NTFS
Drive E: | 115,13 Gb Total Space | 59,36 Gb Free Space | 51,55% Space Free | Partition Type: NTFS
Computer Name: PRINCESS-PC | User Name: Princess | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Princess\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\HelpPane.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Users\Princess\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Princess\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll ()
MOD - C:\Users\Princess\AppData\Local\Google\Chrome\Application\17.0.963.56\avutil-51.dll ()
MOD - C:\Users\Princess\AppData\Local\Google\Chrome\Application\17.0.963.56\avformat-53.dll ()
MOD - C:\Users\Princess\AppData\Local\Google\Chrome\Application\17.0.963.56\avcodec-53.dll ()
MOD - C:\Users\Princess\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll ()
MOD - C:\Users\Princess\AppData\Local\Google\Chrome\APPLIC~1\170963~1.56\gcswf32.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
========== Win32 Services (SafeList) ==========
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (WTGService) -- C:\Programme\Verbindungsassistent\WTGService.exe ()
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (TNaviSrv) -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (SmartFaceVWatchSrv) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe (Toshiba)
SRV - (TOSHIBA Bluetooth Service) -- c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TosCoSrv) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TOSHIBA SMART Log Service) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (jswpsapi) -- C:\Programme\Jumpstart\jswpsapi.exe (Atheros Communications, Inc.)
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
========== Driver Services (SafeList) ==========
DRV - (StarOpen) -- File not found
DRV - (rootrepeal) -- File not found
DRV - (NwlnkFwd) -- File not found
DRV - (NwlnkFlt) -- File not found
DRV - (IpInIp) -- File not found
DRV - (hwusbfake) -- File not found
DRV - (ewsercd) -- File not found
DRV - (aswMBR) -- File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (jswpslwf) -- C:\Windows\System32\drivers\jswpslwf.sys (Atheros Communications, Inc.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (FwLnk) -- C:\Windows\System32\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.ro
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.ro
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://www.google.ro
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.ro
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.ro
IE - HKLM\..\SearchScopes,DefaultScope = {C51C58BF-2F41-4B80-8595-DC9D65219CC3}
IE - HKLM\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp
IE - HKLM\..\SearchScopes\{C51C58BF-2F41-4B80-8595-DC9D65219CC3}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.ro
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.ro
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn1\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {91C79C6E-7584-463E-9BC3-14198067C368}
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=8tzCR2eTcyXKp2CadvG_Bopv8ms?q={searchTerms}
IE - HKCU\..\SearchScopes\{91C79C6E-7584-463E-9BC3-14198067C368}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
IE - HKCU\..\SearchScopes\{C51C58BF-2F41-4B80-8595-DC9D65219CC3}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA_deDE326
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-rog
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F}:1.3.3
FF - prefs.js..extensions.enabledItems: {64e8cc5b-20db-4212-8320-178fc5ae71f7}:1.5
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.5
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.5
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Princess\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Princess\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Princess\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Princess\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.8.1: C:\Users\Princess\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.05.15 16:05:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.07.08 21:32:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.21 17:25:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.03 12:25:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.05.15 16:05:34 | 000,000,000 | ---D | M]
[2009.05.04 16:20:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Princess\AppData\Roaming\mozilla\Extensions
[2012.02.21 17:28:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Princess\AppData\Roaming\mozilla\Firefox\Profiles\5g1m8qyf.default\extensions
[2012.02.06 19:14:26 | 000,000,000 | ---D | M] ("Winamp Toolbar") -- C:\Users\Princess\AppData\Roaming\mozilla\Firefox\Profiles\5g1m8qyf.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012.02.04 09:58:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Princess\AppData\Roaming\mozilla\Firefox\Profiles\5g1m8qyf.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.01.16 11:46:38 | 000,000,000 | ---D | M] (FaceMod Dislike Button) -- C:\Users\Princess\AppData\Roaming\mozilla\Firefox\Profiles\5g1m8qyf.default\extensions\{64e8cc5b-20db-4212-8320-178fc5ae71f7}
[2011.06.17 21:59:22 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Princess\AppData\Roaming\mozilla\Firefox\Profiles\5g1m8qyf.default\extensions\plugin@yontoo.com
[2012.02.06 16:13:04 | 000,000,000 | ---D | M] (Echofon) -- C:\Users\Princess\AppData\Roaming\mozilla\Firefox\Profiles\5g1m8qyf.default\extensions\twitternotifier@naan.net
[2011.07.31 20:05:34 | 000,002,354 | ---- | M] () -- C:\Users\Princess\AppData\Roaming\Mozilla\Firefox\Profiles\5g1m8qyf.default\searchplugins\aol-web-search.xml
[2009.09.14 19:25:51 | 000,000,681 | ---- | M] () -- C:\Users\Princess\AppData\Roaming\Mozilla\Firefox\Profiles\5g1m8qyf.default\searchplugins\ask.xml
[2009.05.15 17:14:17 | 000,002,354 | ---- | M] () -- C:\Users\Princess\AppData\Roaming\Mozilla\Firefox\Profiles\5g1m8qyf.default\searchplugins\kiwee-live-search.xml
[2011.11.20 18:28:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.01.16 22:14:01 | 000,000,000 | ---D | M] (FaceMod Dislike Button) -- C:\Programme\Mozilla Firefox\extensions\{64e8cc5b-20db-4212-8320-178fc5ae71f7}
[2011.11.06 08:46:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.09.04 13:16:34 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF
() (No name found) -- C:\USERS\PRINCESS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5G1M8QYF.DEFAULT\EXTENSIONS\{77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F}.XPI
[2012.02.21 17:25:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.02.21 17:25:51 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.21 17:25:51 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.21 17:25:51 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.21 17:25:51 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.21 17:25:51 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.21 17:25:51 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Princess\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Princess\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Princess\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Princess\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Princess\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll
CHR - plugin: 3D Life Player (Enabled) = C:\Program Files\Virtools\3D Life Player\npvirtools.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Princess\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.8.1 (Enabled) = C:\Users\Princess\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Princess\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Princess\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Princess\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Princess\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: Skype Click to Call = C:\Users\Princess\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Gmail = C:\Users\Princess\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
Hosts file not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Programme\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {FCCC63D1-D8E4-458D-BC4F-B0C3CABF31AB} - C:\Programme\FaceMod\FaceMod_Dislike.dll (FaceMod, Inc)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\PageRage\YontooIEClient.dll (Yontoo Technology, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [cfFncEnabler.exe] cfFncEnabler.exe File not found
O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
O4 - HKLM..\Run: [HDMICtrlMan] C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Programme\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe" File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\Toshiba\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe File not found
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Programme\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Princess\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GameXN] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [GameXN (news)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [GameXN (update)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [SkypeM] C:\Users\Princess\AppData\Local\Skype\Skype.exe (Activision Blizzard, Inc.)
O4 - HKCU..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\Run: [YSearchProtection] C:\Programme\Yahoo!\Search Protection\YspService.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [NoIE4StubProcessing] C:\Windows\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f File not found
O4 - Startup: C:\Users\Princess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Bewerbung-Reminder.lnk = C:\Programme\Buhl\Bewerbung 2008\KCReminder.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Programme\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Lokales Intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: CabBuilder hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E7332DD-5CFA-4B9C-A4BF-97B6C95423A0}: DhcpNameServer = 188.173.96.18 94.53.12.30
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C53EB9A-8164-412C-A196-598A2FBBAF57}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B71E8D11-6494-4F10-828E-B49A15103D86}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\memegon: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\memegon.dll) - C:\Windows\System32\config\systemprofile\AppData\Local\memegon.dll ()
O24 - Desktop WallPaper: C:\Users\Princess\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Princess\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7bb5169e-89f0-11e0-9e12-002258e3c105}\Shell - "" = AutoRun
O33 - MountPoints2\{7bb5169e-89f0-11e0-9e12-002258e3c105}\Shell\AutoRun\command - "" = D:\autorun.exe
O33 - MountPoints2\{7bb5169e-89f0-11e0-9e12-002258e3c105}\Shell\install\command - "" = D:\setup.exe
O33 - MountPoints2\{7bb516b0-89f0-11e0-9e12-002258e3c105}\Shell - "" = AutoRun
O33 - MountPoints2\{7bb516b0-89f0-11e0-9e12-002258e3c105}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{7bb516e2-89f0-11e0-9e12-002258e3c105}\Shell - "" = AutoRun
O33 - MountPoints2\{7bb516e2-89f0-11e0-9e12-002258e3c105}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{7bb5172d-89f0-11e0-9e12-001e33a24d25}\Shell - "" = AutoRun
O33 - MountPoints2\{7bb5172d-89f0-11e0-9e12-001e33a24d25}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{f91301f3-8937-11de-9c06-002258e3c105}\Shell - "" = AutoRun
O33 - MountPoints2\{f91301f3-8937-11de-9c06-002258e3c105}\Shell\AutoRun\command - "" = D:\autorun.exe
O33 - MountPoints2\{f91301f3-8937-11de-9c06-002258e3c105}\Shell\install\command - "" = D:\setup.exe
O33 - MountPoints2\{f91301f6-8937-11de-9c06-002258e3c105}\Shell - "" = AutoRun
O33 - MountPoints2\{f91301f6-8937-11de-9c06-002258e3c105}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{f9d47ecd-8a94-11e0-a82e-002258e3c105}\Shell - "" = AutoRun
O33 - MountPoints2\{f9d47ecd-8a94-11e0-a82e-002258e3c105}\Shell\AutoRun\command - "" = H:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.02.24 03:02:05 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.24 03:02:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.24 03:02:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.24 03:02:04 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.24 03:02:04 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.24 03:02:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.24 03:02:04 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.24 03:02:04 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.24 03:02:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.24 03:02:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.24 03:02:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.24 03:02:03 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.24 03:02:03 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.24 03:02:03 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.24 03:02:03 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.24 03:02:03 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.24 03:02:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.24 03:02:03 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.24 03:02:03 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.24 03:02:03 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.24 03:02:03 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.24 03:02:03 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.24 03:02:03 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.24 03:02:03 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.24 03:02:02 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.24 03:02:02 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.24 03:02:02 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.24 03:02:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.24 03:02:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.24 03:02:02 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.24 03:02:02 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.24 03:02:02 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.24 03:02:02 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.24 03:02:02 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.24 03:02:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.24 03:02:01 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.24 03:02:01 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.16 18:34:18 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.02.12 22:04:15 | 000,000,000 | ---D | C] -- C:\Users\Princess\AppData\Roaming\Happy Chef
[2012.02.12 12:22:11 | 000,000,000 | ---D | C] -- C:\Users\Princess\AppData\Roaming\Maximize Games
[2012.02.12 12:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Maximize Games
[2012.02.05 19:22:29 | 000,000,000 | ---D | C] -- C:\Users\Princess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.02.04 11:00:01 | 000,000,000 | ---D | C] -- C:\Users\Princess\AppData\Local\Deployment
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.03.03 00:31:30 | 000,001,356 | ---- | M] () -- C:\Users\Princess\AppData\Local\d3d9caps.dat
[2012.03.03 00:31:17 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.03 00:19:31 | 000,627,756 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.03.03 00:19:31 | 000,595,386 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.03.03 00:19:31 | 000,125,870 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.03.03 00:19:31 | 000,103,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.03.03 00:15:22 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012.03.03 00:15:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.03 00:12:15 | 000,000,000 | ---- | M] () -- C:\Users\Princess\Desktop\settings.dat
[2012.03.03 00:11:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.03 00:10:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.03 00:10:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.02 22:23:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.02 22:19:05 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3255327043-1883419970-2560373116-1000UA.job
[2012.03.02 21:45:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3255327043-1883419970-2560373116-1000UA.job
[2012.03.02 20:48:00 | 000,000,480 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Princess.job
[2012.03.02 17:45:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3255327043-1883419970-2560373116-1000Core.job
[2012.03.02 01:19:01 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3255327043-1883419970-2560373116-1000Core.job
[2012.02.26 21:45:28 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012.02.24 03:02:13 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.02.24 03:02:13 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.02.24 03:02:05 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.24 03:02:05 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.24 03:02:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.24 03:02:04 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.24 03:02:04 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.24 03:02:04 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.24 03:02:04 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.24 03:02:04 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.24 03:02:04 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.24 03:02:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.24 03:02:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.24 03:02:03 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.24 03:02:03 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.24 03:02:03 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.24 03:02:03 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.24 03:02:03 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.24 03:02:03 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.24 03:02:03 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.24 03:02:03 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.24 03:02:03 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.24 03:02:03 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.24 03:02:03 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.24 03:02:03 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.02.24 03:02:03 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.24 03:02:03 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.24 03:02:02 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.24 03:02:02 | 001,798,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.24 03:02:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.24 03:02:02 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.24 03:02:02 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.24 03:02:02 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.24 03:02:02 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.24 03:02:02 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.24 03:02:02 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.24 03:02:02 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.24 03:02:02 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.24 03:02:01 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.24 03:02:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.22 19:31:28 | 000,091,136 | ---- | M] () -- C:\Users\Princess\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.20 09:56:10 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.02.17 03:39:19 | 000,325,560 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.12 22:03:25 | 000,001,816 | ---- | M] () -- C:\Users\Princess\Desktop\Happy Chef.lnk
[2012.02.12 12:12:05 | 000,001,825 | ---- | M] () -- C:\Users\Princess\Desktop\2 Tasty Too.lnk
[2012.02.05 13:19:45 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.03.03 00:31:17 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.03 00:12:15 | 000,000,000 | ---- | C] () -- C:\Users\Princess\Desktop\settings.dat
[2012.02.24 03:02:03 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.02.12 22:03:25 | 000,001,816 | ---- | C] () -- C:\Users\Princess\Desktop\Happy Chef.lnk
[2012.02.12 12:12:05 | 000,001,825 | ---- | C] () -- C:\Users\Princess\Desktop\2 Tasty Too.lnk
[2012.02.05 17:40:07 | 000,000,920 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3255327043-1883419970-2560373116-1000UA.job
[2012.02.05 17:40:07 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3255327043-1883419970-2560373116-1000Core.job
[2011.05.26 16:08:14 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.03.13 00:36:22 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.08.23 22:38:15 | 000,001,356 | ---- | C] () -- C:\Users\Princess\AppData\Local\d3d9caps.dat
[2010.04.21 11:53:14 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2010.03.04 19:54:13 | 000,000,070 | ---- | C] () -- C:\Windows\wiso.ini
========== Alternate Data Streams ==========
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:8CCDAB14
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:47A24D4B
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:BF2E2F0E
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5E9B629B
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:87951F59
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:2AEB42F1
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:6E1F359F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:AF9BF410
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:4B244549
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:FA408F93
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:18BFD8F8
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:9485E512
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:9D605054
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E9DC8DCB
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:F64FC07C
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:2CCB0949
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:D3B928B0
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:B0F20871
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A18121AD
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:517B507A
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:1AC0C8F5
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:7E6889B0
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:10F6E97E
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:4FB3F92A
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:1037D53D
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:870649A4
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:75F5C19E
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:701B92FB
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:569CEE83
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:F6E5C7FB
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:A58B27C9
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:28CDD861
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:89E1BAF5
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:375FC7E7
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:FDCAE7B5
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:EEB25EAE
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:60A4BB64
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:E40EED9B
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:ADF211B1
< End of report > Code:
OTL Extras logfile created on: 03.03.2012 00:46:12 - Run 1
OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\Princess\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 75,54% Memory free
7,18 Gb Paging File | 6,56 Gb Available in Paging File | 91,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,29 Gb Total Space | 12,34 Gb Free Space | 10,61% Space Free | Partition Type: NTFS
Drive E: | 115,13 Gb Total Space | 59,36 Gb Free Space | 51,55% Space Free | Partition Type: NTFS
Computer Name: PRINCESS-PC | User Name: Princess | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3255327043-1883419970-2560373116-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sopocx.ocx" = %windir%\system32\sopocx.ocx:*:Enabled:sopocx.ocx -- (SopCast.com)
"%windir%\system32\tvu49.ocx" = %windir%\system32\tvu49.ocx:*:Enabled:tvu49.ocx -- (Tv-U Net Plugin)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19F75331-5551-4DAA-AE42-96C422E82711}" = lport=137 | protocol=17 | dir=in | app=system |
"{226E6148-9E26-476C-AD56-FEEC9CC18097}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{39EDB130-13EB-4DC1-85DA-B372AAA3FF94}" = lport=139 | protocol=6 | dir=in | app=system |
"{3F1ACAD7-AD24-4B80-8657-59A695BBE462}" = rport=137 | protocol=17 | dir=out | app=system |
"{438879AE-C0A4-43E3-A739-09985ECC9D25}" = rport=445 | protocol=6 | dir=out | app=system |
"{4B44A341-CD1A-4F46-8173-662B8A62F22B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5E13148A-15C6-43B6-A65E-66C31C31B672}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5E6A8854-83F9-4EDA-858E-29EB57A14E8B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{64EB7C42-EFC6-481D-B72D-B3D37B5841E0}" = lport=138 | protocol=17 | dir=in | app=system |
"{779E4FA1-17DB-4EF6-8CE6-3B6F7258ECAA}" = rport=138 | protocol=17 | dir=out | app=system |
"{90528011-9A32-40F1-AB64-28C1F25FC967}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A02E36E6-CCC1-4C9B-9517-B97172B790E1}" = rport=139 | protocol=6 | dir=out | app=system |
"{A16DCB4C-DB29-4F6B-8803-BC15BD2ED91E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A28AF90D-56B3-4175-B166-20746889C833}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CA70A416-E99B-499A-8023-4D862E0EA9FE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DEFBD098-FDC9-46B3-952D-B43938360528}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E14FAB34-0CB1-470B-9B70-8E06C66489B1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F43BD4DA-5FE3-41EF-A1ED-C8F47FF6CF24}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F8608437-04FD-42EC-B33F-3B73C5B39992}" = lport=445 | protocol=6 | dir=in | app=system |
"{FD66D7D8-68FB-44A7-BBCA-0286A2E61510}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0099A424-0CE7-4791-942D-8AE50520E1AA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{080CB73B-AE38-4087-B758-920E6F5B4321}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{081A823B-DD3B-465B-99D9-60A144F438EF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0DA43F47-13CC-4206-A481-30ECBAF74437}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{12427622-D701-4A34-BEBA-31C184FC40B5}" = protocol=17 | dir=in | app=f:\libneap.dll |
"{131661F3-60AC-4BB3-8DC3-7AFBF404AE94}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{1BEDA245-33FF-4000-986B-1B7D1612B554}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2956A4D8-C29A-4541-977D-C39374E2076C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B7DF5ED-6458-48A4-9AC3-2EEEF6B9B6B8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E5C2312-984C-4152-8B01-092CFB4AB4DA}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{2F20785B-8C52-43E6-82ED-D00A27EB6395}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{31570025-5F68-43BC-8580-9574EE15F2AF}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{332EE4C6-F716-4248-B542-6522164864B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{338C7F31-9F9E-4CC6-B93C-FD6617B96B90}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{37DA1682-318A-4ADF-90D0-2C41EEFBE379}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3D9D5B71-B883-4311-AB82-190B8DD5DC2C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3DCA50EC-2FF1-4BF6-A23C-71ADC0ED1784}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{42FEE2D5-F787-4DDF-9FD9-69DB98E7B854}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{44DE0D2B-8BA0-4D51-899F-F5FC8AC871A1}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe |
"{4A795C04-BFA7-4AA3-B668-355885E5E255}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{4EA1EF7E-3370-48FE-8005-0D14C3AFCD51}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{553B1438-EE8A-418D-AF96-0A7DC6B502DC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5DF16E07-8AB7-4C13-9CBF-81D8EFB3D520}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{67A2F3E4-FF74-4E43-93A7-076C8C5E5EE9}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{6ED78002-655C-4E47-B72F-039C969DFF41}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{712270E7-8435-43A0-BB22-C235731C83D0}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{7509FF1C-C62F-43E4-A8E8-AC22E6033C64}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{8310D89B-27B8-4EAA-AB23-CE69320ED78E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{88F9A71D-A706-4B1E-BB47-846075BD48BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8DD6B168-DB0E-4327-8A8F-002AE8ABBDB8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{91F0AAF5-4A9E-4139-81A9-593B996CC206}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{92A97C06-4BA6-4CFA-B8DB-92DDAD1B032C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{95A29AE4-921C-4D54-8133-19AFEA848AA7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9B1FD077-65E2-4E7B-AEBC-2D0C47AF0336}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B51A8E1D-6523-44F8-B632-35C4398E963F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B98C86F2-D4A4-498F-98F0-6BE93C095DB9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD827C27-D552-4C58-96A7-D431769C9FF7}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{BEE4F1A9-CF5C-4BBA-BF4B-8724805E03C7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C0690657-5199-4162-B3F7-3701B579DCA7}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{C3B47487-FEE6-42D8-AD8E-6352302BF5E7}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{C90FD0CB-0073-4EFB-B2CB-E91BFB46A2D6}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{C9C514BC-99DA-4E25-920B-C90D00E3A39A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CB16A0F8-61BE-4C12-9154-3D4379CA1986}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CF5C4981-DF52-4774-B255-733E35EBE469}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{CFF1520A-65DE-47DE-802E-5DF9BA1A3E8A}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{D077359C-AACF-40F3-9E4A-143F6EE22F37}" = protocol=6 | dir=in | app=f:\libneap.dll |
"{D9B0838F-160E-4388-BB12-826B365C8F8F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DDF52617-A185-4DF7-851B-2993CDB16FE7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E5B96A04-4329-4088-B36C-8BC716EABCF3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E7972DF9-AA01-4BCB-B740-B98BE8F6407E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7DC4B37-4DF4-42FC-A07E-92D400A40685}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EE292334-2889-42F6-B543-28ECF848F3F4}" = protocol=17 | dir=in | app=f:\dwizard615.exe |
"{F2AE6EDE-629A-4ACC-BF84-D5FF3BB6BD17}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe |
"{F3FBFEE9-87E9-4F2B-83B0-BB74BB00A2E1}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F898960E-61C9-4F56-BE26-42434C33582E}" = dir=in | app=c:\users\princess\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{FAD1F5BD-292C-47C1-9093-AC729A0E34B6}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{FE80C98B-E7B2-48E8-831D-C1BE1793FE2B}" = protocol=6 | dir=in | app=f:\dwizard615.exe |
"TCP Query User{1CE0895E-9420-4472-803E-5861EB7F11F1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{36AF931B-EBC9-43C4-A0B3-7400B417D443}C:\program files\yahoo!\messenger\yserver.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"TCP Query User{3B73640B-5D59-42FF-8039-38862F960621}C:\program files\secondlife\secondlife.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\secondlife.exe |
"TCP Query User{3ED3B3B8-6E73-425D-B3E0-3240256646FC}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{4D5CF13F-0A5C-4CD8-93D1-1A79929BE48D}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{769B8CA7-2548-4E0C-B16E-534F199F475F}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{818D6B92-BFB3-4C7A-AF13-563C425E8484}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"TCP Query User{CEB5931F-0A1B-4B19-A304-6FF023BED25F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{EC7C3566-654A-41B6-B9D0-71D6DAE0A75A}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{F0C4B61F-BFB6-49A2-9AD1-6042FB2016E3}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{F115A4C1-5D9A-4DB9-938F-B6F1274D0088}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{1D0EDECE-5A3A-45A0-94F5-836FFB109D13}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{4C7080DE-669C-46E4-B1D0-7E813C33A82C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{7209A28C-D901-4B2B-9C80-EE191A3970CF}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{92A104DE-1AA9-44AB-BACF-09645B73E02A}C:\program files\secondlife\secondlife.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\secondlife.exe |
"UDP Query User{97F2D668-382E-4A37-8F44-0D2ECB4DED95}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{A73B00EB-0A0C-477A-8479-D26278DA72C4}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{ACC04B6B-605A-4666-A148-6C98AE7B542A}C:\program files\yahoo!\messenger\yserver.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"UDP Query User{C238CD55-6334-4531-A81F-1F19F02DE2CA}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{C362A14A-C124-4C2D-AA20-3A830F4442C0}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{C78CE580-04EB-4B2A-BA4B-0FC6C2821E53}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{ED88E786-A864-4032-AD8C-86F012E94A52}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{031E011D-E155-516E-E9E8-0B2A583735D6}" = Catalyst Control Center Graphics Previews Vista
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher
"{1DCEABB6-0DD8-F69C-E727-2BB47E6D9DF0}" = Catalyst Control Center Graphics Light
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2610BC29-595C-C0D1-CE42-8BC7A79999F4}" = Catalyst Control Center Graphics Full Existing
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D0DC563-4C99-4AB1-8C22-514940666938}" = Catalyst Control Center - Branding
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{41AA53F3-EA11-31C5-3FF8-BE6A0ABA5524}" = ccc-utility
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{67D2657B-4F8C-5912-3180-CA7357631FC9}" = CCC Help English
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72CBC468-82F9-48F8-B5B0-3300387E41AA}" = Nokia Ovi Suite Software Updater
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77B198D5-34A3-7655-87D9-7F6034971F31}" = Skins
"{7869D860-77E4-68B0-0B24-90817760671F}" = CCC Help German
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C30283C-8DC7-4FBB-805E-52BEA5F580E8}" = Toshiba TEMPRO
"{7EAB15F0-5857-A3B6-565F-F5A27EC4FD91}" = ATI Catalyst Install Manager
"{7F984B0E-2BDD-BF65-C05A-A49A23CEE77C}" = Catalyst Control Center Core Implementation
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = PageRage 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A5B75D0B-0861-C9E8-7C25-4B316C16E8D9}" = Catalyst Control Center Graphics Full New
"{A69A97C2-D224-7EC8-1970-6513745E32B9}" = ccc-core-static
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C4F1B9FE-F3AF-11D5-93D1-00C0CA18FDE6}" = Hotel Giant
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D9F6BE01-B288-EFB3-B7CE-D936E164E182}" = Catalyst Control Center Localization German
"{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E6098043-1183-4580-89EF-423CBF807188}" = pdfforge Toolbar v4.6
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}" = HDMI Control Manager
"{FC2299B7-571D-453E-AB1C-61BCC9997DEE}" = Lohnsteuer-Freibetrag 2010
"{FD065B02-AE17-4496-8C0F-FFD3A9FD9460}" = WISO Bewerbung 2008
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"2 Tasty Too 1.00" = 2 Tasty Too 1.00
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Free Antivirus
"Bistro Boulevard 1.00" = Bistro Boulevard 1.00
"Chloes Dream Resort 1.00" = Chloes Dream Resort 1.00
"Cooking Dash - DinerTown Studios1.0" = Cooking Dash - DinerTown Studios
"CSI - Tödliche Verschwörung" = CSI - Tödliche Verschwörung
"DC++" = DC++ 0.750
"Dr. Wise Medical Mysteries 1.00" = Dr. Wise Medical Mysteries 1.00
"Drawn The Painted Tower 1.00" = Drawn The Painted Tower 1.00
"Dream Cars 1.00" = Dream Cars 1.00
"Dream Day Wedding 6 Bella Italia 1.00" = Dream Day Wedding 6 Bella Italia 1.00
"Elixir of Immortality 1.00" = Elixir of Immortality 1.00
"Empress of the Deep The Darkest Secret 1.00" = Empress of the Deep The Darkest Secret 1.00
"Enchanted Katya Mystery of the Lost Wizard 1.00" = Enchanted Katya Mystery of the Lost Wizard 1.00
"ER Mania 1.00" = ER Mania 1.00
"Escape the Museum 2 1.00" = Escape the Museum 2 1.00
"FaceMod Dislike Button_is1" = FaceMod Dislike Button 1.5
"Family Restaurant 1.00" = Family Restaurant 1.00
"Fantastic Farm 1.00" = Fantastic Farm 1.00
"Farm Craft 2 Global Vegetable Crisis 1.00" = Farm Craft 2 Global Vegetable Crisis 1.00
"Farm Frenzy 3 Ice Age 1.00" = Farm Frenzy 3 Ice Age 1.00
"Farm Frenzy 31.0" = Farm Frenzy 3
"Farm Frenzy Gone Fishing 1.00" = Farm Frenzy Gone Fishing 1.00
"Farm Mania 2 1.00" = Farm Mania 2 1.00
"Farm Tribe 1.00" = Farm Tribe 1.00
"Farmers Market 1.00" = Farmers Market 1.00
"Fiona Finch and the Finest Flowers 1.00" = Fiona Finch and the Finest Flowers 1.00
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"Fishers Family Farm 1.00" = Fishers Family Farm 1.00
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Google Desktop" = Google Desktop
"Gwen the Magic Nanny 1.00" = Gwen the Magic Nanny 1.00
"Happy Chef 1.00" = Happy Chef 1.00
"Hidden Magic 1.00" = Hidden Magic 1.00
"HijackThis" = HijackThis 2.0.2
"Home Sweet Home 2 Kitchens and Baths 1.00" = Home Sweet Home 2 Kitchens and Baths 1.00
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hospital Haste 1.00" = Hospital Haste 1.00
"Hotel Dash 2 Lost Luxuries 1.00" = Hotel Dash 2 Lost Luxuries 1.00
"HyperIM" = HyperIM 2.14
"Incredible Express 1.00" = Incredible Express 1.00
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Island Realms 1.00" = Island Realms 1.00
"Janes Hotel Mania 1.00" = Janes Hotel Mania 1.00
"Jane's Zoo 1.00" = Jane's Zoo 1.00
"Jewel Quest Mysteries Trail of the Midnight Heart 1.00" = Jewel Quest Mysteries Trail of the Midnight Heart 1.00
"KaraFun_is1" = KaraFun 1.18
"Karaoke Anything!1.0" = Karaoke Anything!
"Kitchen Brigade 1.00" = Kitchen Brigade 1.00
"Kuros 1.00" = Kuros 1.00
"Lisas Fleet Flight 1.00" = Lisas Fleet Flight 1.00
"Magic Encyclopedia 3 Illusions 1.00" = Magic Encyclopedia 3 Illusions 1.00
"Magic Farm Ultimate Flower 1.00" = Magic Farm Ultimate Flower 1.00
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"Making Mr. Right1.0" = Making Mr. Right
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Many Years Ago1.0" = Many Years Ago
"Marooned 1.00" = Marooned 1.00
"Masquerade Mysteries The Case of the Copycat Curator 1.00" = Masquerade Mysteries The Case of the Copycat Curator 1.00
"Matchmaker Joining Hearts 1.00" = Matchmaker Joining Hearts 1.00
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"MP3 Cutter_is1" = MP3 Cutter 1.2
"Mr Jones Graveyard Shift 1.00" = Mr Jones Graveyard Shift 1.00
"myphotobook" = myphotobook 3.5
"Mystery Case Files Dire Grove Collectors Edition (Updated) 1.1.5" = Mystery Case Files Dire Grove Collectors Edition (Updated) 1.1.5
"Mystery Masterpiece - The Moonstone 1.00" = Mystery Masterpiece - The Moonstone 1.00
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"NAVIGON Sync" = NAVIGON Sync 2.0.0
"Nokia Maps Updater_is1" = Nokia Maps Updater 1.0.12
"Nokia Ovi Suite" = Nokia Ovi Suite
"NSS" = Norton Security Scan
"Paradise Beach 1.00" = Paradise Beach 1.00
"Party Planner 1.00" = Party Planner 1.00
"PDF Editor 3" = PDF Editor 3
"Picasa 3" = Picasa 3
"Rare Treasures Dinnerware Trading Company BFG 1.00" = Rare Treasures Dinnerware Trading Company BFG 1.00
"Real Detectives 1.00" = Real Detectives 1.00
"RealPlayer 12.0" = RealPlayer
"Red Cross Emergency Response Unit1.0" = Red Cross Emergency Response Unit
"Rescue Team Updated 1.00" = Rescue Team Updated 1.00
"Roads of Rome 1.00" = Roads of Rome 1.00
"Roads Of Rome 2 1.00" = Roads Of Rome 2 1.00
"Robinson Crusoe and the Cursed Pirates 1.00" = Robinson Crusoe and the Cursed Pirates 1.00
"Romance of Rome 1.00" = Romance of Rome 1.00
"Samantha Swift and the Fountains of Fate 1.00" = Samantha Swift and the Fountains of Fate 1.00
"Soap Opera Dash 1.00" = Soap Opera Dash 1.00
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Spa Mania 2 1.00" = Spa Mania 2 1.00
"Super Ranch 1.00" = Super Ranch 1.00
"Supermarket Management1.1.6" = Supermarket Management
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"uTorrent" = µTorrent
"Verbindungsassistent" = Verbindungsassistent
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"Youda Farmer 3 Seasons 1.00" = Youda Farmer 3 Seasons 1.00
"Youda Fisherman 1.00" = Youda Fisherman 1.00
"Youda Survivor 2 1.00" = Youda Survivor 2 1.00
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Game Organizer" = GameXN GO
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
"Winamp Toolbar" = Winamp Toolbar
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.8.1
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 07.10.2009 12:52:59 | Computer Name = Princess-PC | Source = avast! | ID = 33554522
Description =
Error - 11.11.2009 22:21:49 | Computer Name = Princess-PC | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 02.03.2012 17:37:04 | Computer Name = Princess-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.03.2012 17:38:06 | Computer Name = Princess-PC | Source = WinDefendRtp | ID = 3003
Description = Vom %%827-Echtzeitschutz-Prüfpunkt wurde ein Fehler festgestellt.
Er konnte daraufhin nicht gestartet werden. Benutzer: Princess-PC\Princess Prüfpunkt-ID:
57 Fehlercode: 0x80070005 Fehlerbeschreibung: Zugriff verweigert
Error - 02.03.2012 17:46:26 | Computer Name = Princess-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.03.2012 17:50:12 | Computer Name = Princess-PC | Source = WinDefendRtp | ID = 3003
Description = Vom %%827-Echtzeitschutz-Prüfpunkt wurde ein Fehler festgestellt.
Er konnte daraufhin nicht gestartet werden. Benutzer: Princess-PC\Princess Prüfpunkt-ID:
57 Fehlercode: 0x80070005 Fehlerbeschreibung: Zugriff verweigert
Error - 02.03.2012 17:57:47 | Computer Name = Princess-PC | Source = EventSystem | ID = 4609
Description =
Error - 02.03.2012 17:58:25 | Computer Name = Princess-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.03.2012 19:12:05 | Computer Name = Princess-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.03.2012 19:13:00 | Computer Name = Princess-PC | Source = WinDefendRtp | ID = 3003
Description = Vom %%827-Echtzeitschutz-Prüfpunkt wurde ein Fehler festgestellt.
Er konnte daraufhin nicht gestartet werden. Benutzer: Princess-PC\Princess Prüfpunkt-ID:
57 Fehlercode: 0x80070005 Fehlerbeschreibung: Zugriff verweigert
Error - 02.03.2012 19:15:46 | Computer Name = Princess-PC | Source = EventSystem | ID = 4609
Description =
Error - 02.03.2012 19:16:33 | Computer Name = Princess-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 02.03.2012 17:58:41 | Computer Name = Princess-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 02.03.2012 17:58:57 | Computer Name = Princess-PC | Source = DCOM | ID = 10005
Description =
Error - 02.03.2012 17:59:01 | Computer Name = Princess-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 02.03.2012 19:15:40 | Computer Name = Princess-PC | Source = DCOM | ID = 10005
Description =
Error - 02.03.2012 19:15:41 | Computer Name = Princess-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =
Error - 02.03.2012 19:15:46 | Computer Name = Princess-PC | Source = DCOM | ID = 10005
Description =
Error - 02.03.2012 19:15:48 | Computer Name = Princess-PC | Source = DCOM | ID = 10005
Description =
Error - 02.03.2012 19:16:02 | Computer Name = Princess-PC | Source = DCOM | ID = 10005
Description =
Error - 02.03.2012 19:16:33 | Computer Name = Princess-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 02.03.2012 19:16:33 | Computer Name = Princess-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report > |