Hi,
läuft schon deutlich besser der PC nachdem ich deine Schritte alle befolgt habe, dafür schon einmal recht herzlichen Dank :)
Die Programme die du mir empfohlen hast und ich heruntergeladen habe, sind das auch passive programme, also die stets meinen Computer durchsuchen und wenn ja ist das problematisch wenn ich diese parallel zu ESET laufen habe? Hab ma gehört, dass man immer nur ein Antivirusprogramm haben soll.
Okay zur Auswertung:
Lief alles problemlos so wie du es beschrieben hast. SuperAntiSpyware hat 8 Adwares gefunden. Von ESET habe ich heute keine Meldung bekommen nach dem Hochfahren, dass es was gefunden hat.
Achso, empfielst du mir auch das Vshare tv plugin zu deinstallieren? Aber ich glaube das brauch ich. Fixen mit OTL Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\ deleted successfully.
C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\ not found.
File C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1D2AD974-616E-4ba1-A714-FE5EC5194E7F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D2AD974-616E-4ba1-A714-FE5EC5194E7F}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D8B5C3D-E75A-46d2-AE42-6D9FD4ADB708}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2D8B5C3D-E75A-46d2-AE42-6D9FD4ADB708}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6799BAC7-C7B2-4385-8870-1743E01ABAAC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6799BAC7-C7B2-4385-8870-1743E01ABAAC}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Prefs.js: "Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll not found.
C:\Users\Urbi\AppData\Roaming\Mozilla\Firefox\Profiles\qwhto5xt.default\searchplugins\conduit.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ee1babcf-cbe2-4c07-8e18-dfe6fc08c30a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ee1babcf-cbe2-4c07-8e18-dfe6fc08c30a}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
D:\AUTORUN.INF moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{030a3962-c947-11de-b221-8bc314ea6853}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{030a3962-c947-11de-b221-8bc314ea6853}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{030a3962-c947-11de-b221-8bc314ea6853}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{030a3962-c947-11de-b221-8bc314ea6853}\ not found.
File G:\pushinst.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f471d54-eb15-11de-861d-001f3f09796e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1f471d54-eb15-11de-861d-001f3f09796e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f471d54-eb15-11de-861d-001f3f09796e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1f471d54-eb15-11de-861d-001f3f09796e}\ not found.
File F:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f471d54-eb15-11de-861d-001f3f09796e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1f471d54-eb15-11de-861d-001f3f09796e}\ not found.
File F:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{532d52fd-0953-11e1-ab4e-001f3f09796e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{532d52fd-0953-11e1-ab4e-001f3f09796e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{532d52fd-0953-11e1-ab4e-001f3f09796e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{532d52fd-0953-11e1-ab4e-001f3f09796e}\ not found.
File F:\setup.exe not found.
C:\Users\Urbi\AppData\Roaming\UAs folder moved successfully.
C:\Users\Urbi\AppData\Roaming\08016\components folder moved successfully.
C:\Users\Urbi\AppData\Roaming\08016 folder moved successfully.
C:\Users\Urbi\AppData\Roaming\xmldm folder moved successfully.
C:\Users\Urbi\AppData\Roaming\kock folder moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS C:\ProgramData\TEMP:8B4F37E5 deleted successfully.
========== FILES ==========
File\Folder C:\Users\Urbi\AppData\Roaming\UAs not found.
File\Folder C:\Users\Urbi\AppData\Roaming\08016 not found.
File\Folder C:\Users\Urbi\AppData\Roaming\xmldm not found.
File\Folder C:\Users\Urbi\AppData\Roaming\kock not found.
C:\Users\Urbi\AppData\Roaming\BAcroIEHelpe089.dll moved successfully. < ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Urbi\Desktop\cmd.bat deleted successfully.
C:\Users\Urbi\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 590747 bytes
->Temporary Internet Files folder emptied: 11917947 bytes
->Flash cache emptied: 57234 bytes
User: All Users
User: AppData
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Urbi
->Temp folder emptied: 75118541 bytes
->Temporary Internet Files folder emptied: 111063859 bytes
->Java cache emptied: 18949018 bytes
->FireFox cache emptied: 291686571 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 65664 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10232567 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 52922 bytes
RecycleBin emptied: 1551360 bytes
Total Files Cleaned = 497,00 mb
OTL by OldTimer - Version 3.2.39.1 log created on 03202012_111444
Files\Folders moved on Reboot...
Registry entries deleted on Reboot... SUPERAntiSpyware Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 03/20/2012 at 01:57 PM
Application Version : 5.0.1146
Core Rules Database Version : 8353
Trace Rules Database Version: 6165
Scan type : Complete Scan
Total Scan Time : 01:21:33
Operating System Information
Windows Vista Home Premium 64-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User
Memory items scanned : 625
Memory threats detected : 0
Registry items scanned : 91674
Registry threats detected : 0
File items scanned : 94902
File threats detected : 8
Adware.Tracking Cookie
C:\USERS\ADMINISTRATOR\AppData\Roaming\Microsoft\Windows\Cookies\KE9SU2VX.txt [ Cookie:administrator@atdmt.com/ ]
C:\USERS\ADMINISTRATOR\AppData\Roaming\Microsoft\Windows\Cookies\32BDIZ5A.txt [ Cookie:administrator@2o7.net/ ]
C:\USERS\ADMINISTRATOR\AppData\Roaming\Microsoft\Windows\Cookies\55AWYTHJ.txt [ Cookie:administrator@kontera.com/ ]
C:\USERS\ADMINISTRATOR\AppData\Roaming\Microsoft\Windows\Cookies\XFODXI4Q.txt [ Cookie:administrator@doubleclick.net/ ]
C:\USERS\ADMINISTRATOR\Cookies\KE9SU2VX.txt [ Cookie:administrator@atdmt.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\32BDIZ5A.txt [ Cookie:administrator@2o7.net/ ]
C:\USERS\ADMINISTRATOR\Cookies\55AWYTHJ.txt [ Cookie:administrator@kontera.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\XFODXI4Q.txt [ Cookie:administrator@doubleclick.net/ ] OTL
OTL Logfile:
OTL EXTRAS Logfile: Code:
OTL logfile created on: 20.03.2012 14:17:14 - Run 3
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\Urbi\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,00 Gb Total Physical Memory | 4,23 Gb Available Physical Memory | 70,52% Memory free
12,10 Gb Paging File | 10,15 Gb Available in Paging File | 83,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,68 Gb Total Space | 253,60 Gb Free Space | 56,27% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 5,66 Gb Free Space | 37,73% Space Free | Partition Type: NTFS
Computer Name: URBI-PC | User Name: Urbi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.03.19 15:49:22 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Urbi\Desktop\OTL.exe
PRC - [2012.02.17 20:50:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Firefox\firefox.exe
PRC - [2012.02.17 20:50:02 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Firefox\plugin-container.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011.09.22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Programme\ESET\x86\ekrn.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.09.16 14:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2009.07.16 09:59:00 | 000,648,432 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
PRC - [2009.04.27 10:17:13 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
PRC - [2009.03.20 01:03:00 | 001,904,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
PRC - [2009.03.20 01:03:00 | 000,368,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
PRC - [2008.12.18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe
PRC - [2007.06.05 13:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
========== Modules (No Company Name) ==========
MOD - [2012.02.22 13:14:20 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012.02.17 20:50:02 | 001,911,768 | ---- | M] () -- C:\Firefox\mozjs.dll
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.03.30 12:24:30 | 000,948,736 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011.09.22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Programme\ESET\x86\ekrn.exe -- (ekrn)
SRV - [2011.08.12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files (x86)\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV - [2010.12.30 19:59:23 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.12.03 11:18:10 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Programme\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe -- (NitroReaderDriverReadSpool)
SRV - [2010.09.16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2009.07.16 09:59:00 | 000,648,432 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2009.04.27 10:17:13 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.PDFTransformer.Classic.3.0)
SRV - [2009.03.29 21:42:16 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.20 01:03:00 | 000,368,640 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2008.12.18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2007.06.05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.12.01 11:42:44 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\NBVol.sys -- (NBVol)
DRV:64bit: - [2011.12.01 11:42:44 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\NBVolUp.sys -- (NBVolUp)
DRV:64bit: - [2011.11.07 19:01:36 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.08.09 14:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\eamonm.sys -- (eamonm)
DRV:64bit: - [2011.08.04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.10.08 15:52:38 | 000,144,784 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2010.07.12 19:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.06.25 16:08:56 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2009.12.17 15:03:35 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.09.16 10:22:40 | 000,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009.09.16 10:22:40 | 000,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009.09.16 10:22:40 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009.09.16 10:15:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009.06.18 15:15:16 | 000,041,032 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfebopk.sys -- (mfebopk)
DRV:64bit: - [2009.06.10 00:46:06 | 000,031,744 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.04.10 22:43:08 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.03.30 12:24:34 | 005,263,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2009.03.30 12:24:34 | 005,263,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.03.20 01:03:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\fwlanusb.sys -- (FWLANUSB)
DRV:64bit: - [2009.03.20 01:03:00 | 000,014,120 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2009.01.13 13:39:42 | 000,188,416 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009.01.13 12:41:32 | 000,406,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008.01.21 03:51:07 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2008.01.21 03:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel(R)
DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)
DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: " 74.95.66.34"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.http: " 74.95.66.34"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.no_proxies_on: "fritz.box"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: " 74.95.66.34"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: " 74.95.66.34"
FF - prefs.js..network.proxy.ssl_port: 80
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\MOZILLA THUNDERBIRD [2012.03.18 15:29:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.30 15:54:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Firefox\components [2012.02.17 20:50:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Firefox\plugins [2012.01.12 19:15:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\Mozilla Thunderbird [2012.03.18 15:29:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Urbi\AppData\Roaming\08017 [2012.03.19 12:12:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Firefox\components [2012.02.17 20:50:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Firefox\plugins [2012.01.12 19:15:05 | 000,000,000 | ---D | M]
[2009.12.29 21:51:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Urbi\AppData\Roaming\mozilla\Extensions
[2011.12.09 11:17:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Urbi\AppData\Roaming\mozilla\Firefox\Profiles\qwhto5xt.default\extensions
[2010.06.24 13:36:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Urbi\AppData\Roaming\mozilla\Firefox\Profiles\qwhto5xt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.08 21:59:35 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Urbi\AppData\Roaming\mozilla\Firefox\Profiles\qwhto5xt.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.01.17 19:37:36 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Urbi\AppData\Roaming\mozilla\Firefox\Profiles\qwhto5xt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2011.12.30 15:54:00 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
() (No name found) -- C:\USERS\URBI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QWHTO5XT.DEFAULT\EXTENSIONS\{1FC895A6-2042-46EC-A61B-233165B4C218}.XPI
() (No name found) -- C:\USERS\URBI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QWHTO5XT.DEFAULT\EXTENSIONS\{B749FC7C-E949-447F-926C-3F4EED6ACCFE}.XPI
========== Chrome ==========
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found.
O2 - BHO: (no name) - {ee1babcf-cbe2-4c07-8e18-dfe6fc08c30a} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\egui.exe (ESET)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Urbi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Urbi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Urbi\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Urbi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Urbi\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.109.123.197 213.191.74.19 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A98E5A04-EDD5-446B-A108-44249A35FAD2}: DhcpNameServer = 62.109.123.197 213.191.74.19 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C734FC4C-9BA2-47E7-BE95-35087AA68768}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Urbi\Pictures\IMG-20120306-WA0001.jpg
O24 - Desktop BackupWallPaper: C:\Users\Urbi\Pictures\IMG-20120306-WA0001.jpg
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.03.20 12:33:52 | 000,000,000 | ---D | C] -- C:\Users\Urbi\AppData\Roaming\SUPERAntiSpyware.com
[2012.03.20 12:33:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.03.20 12:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.03.20 12:32:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SUPERAntiSpyware
[2012.03.20 12:31:15 | 015,433,288 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Urbi\Desktop\SUPERAntiSpyware.exe
[2012.03.20 12:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.03.20 12:15:07 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.03.20 12:15:07 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.03.20 12:15:07 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.03.20 12:07:58 | 000,191,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012.03.20 12:07:58 | 000,172,320 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012.03.20 12:07:58 | 000,172,320 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012.03.20 12:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.03.20 11:56:23 | 000,910,112 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Urbi\Desktop\jxpiinstall.exe
[2012.03.20 11:50:15 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012.03.20 11:14:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.03.19 15:49:21 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\Urbi\Desktop\OTL.exe
[2012.03.19 13:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.19 13:22:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.03.19 13:22:03 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Urbi\Desktop\mbam--setup-1.60.1.1000.exe
[2012.03.19 12:12:23 | 000,000,000 | ---D | C] -- C:\Users\Urbi\AppData\Roaming\08017
[2012.03.18 21:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.03.18 21:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.03.18 20:46:33 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Urbi\Desktop\dds.com
[2012.03.18 19:42:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2012.03.18 19:42:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2012.03.18 19:42:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2012.03.18 19:42:48 | 000,000,000 | ---D | C] -- C:\Users\Urbi\AppData\Local\PackageAware
[2012.03.18 15:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.03.18 15:29:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012.03.18 15:29:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.03.14 16:50:05 | 000,000,000 | ---D | C] -- C:\TEMP
[2012.03.14 16:35:24 | 002,002,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012.03.14 16:35:24 | 001,555,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.03.14 16:35:24 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012.03.14 16:35:24 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012.03.14 16:35:24 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012.03.14 16:34:54 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2012.03.14 16:34:53 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2012.03.05 21:24:29 | 000,000,000 | ---D | C] -- C:\mafia 2
[2012.02.27 19:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.10.23 15:45:08 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
[1 C:\Users\Urbi\AppData\Roaming\*.tmp files -> C:\Users\Urbi\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.03.20 14:10:21 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.20 14:10:21 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.20 14:10:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.20 12:33:17 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.03.20 12:31:34 | 015,433,288 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Urbi\Desktop\SUPERAntiSpyware.exe
[2012.03.20 12:17:53 | 000,019,816 | ---- | M] () -- C:\Users\Urbi\Documents\cc_20120320_121749.reg
[2012.03.20 12:14:28 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.03.20 12:14:28 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.03.20 12:14:28 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.03.20 12:14:28 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.03.20 12:07:15 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012.03.20 12:07:15 | 000,191,264 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012.03.20 12:07:15 | 000,172,320 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012.03.20 12:07:15 | 000,172,320 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012.03.20 11:56:24 | 000,910,112 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Urbi\Desktop\jxpiinstall.exe
[2012.03.19 15:49:22 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Urbi\Desktop\OTL.exe
[2012.03.19 15:12:16 | 000,000,034 | ---- | M] () -- C:\Users\Urbi\AppData\Roaming\blckdom.res
[2012.03.19 13:22:12 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Urbi\Desktop\mbam--setup-1.60.1.1000.exe
[2012.03.18 21:14:10 | 000,002,964 | ---- | M] () -- C:\Users\Urbi\Desktop\Attach.zip
[2012.03.18 20:46:33 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Urbi\Desktop\dds.com
[2012.03.18 19:52:26 | 000,050,477 | ---- | M] () -- C:\Users\Urbi\Desktop\Defogger.exe
[2012.03.18 19:46:16 | 000,004,098 | ---- | M] () -- C:\Users\Urbi\Documents\cc_20120318_194613.reg
[2012.03.18 19:42:59 | 000,001,635 | ---- | M] () -- C:\Users\Urbi\Desktop\Uniblue RegistryBooster.lnk
[2012.03.18 17:24:31 | 000,000,907 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update ESET's license.lnk
[2012.03.15 18:36:51 | 000,001,976 | ---- | M] () -- C:\Users\Urbi\Documents\cc_20120315_183649.reg
[2012.03.15 11:34:33 | 000,406,496 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.14 16:50:22 | 000,003,140 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012.03.14 16:50:20 | 000,000,088 | RHS- | M] () -- C:\Windows\SysWow64\013E07AF38.sys
[2012.03.09 14:05:22 | 004,208,096 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.09 14:05:22 | 001,720,492 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.09 14:05:22 | 001,281,808 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.09 14:05:22 | 001,127,038 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.09 14:05:22 | 000,007,056 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.06 14:22:47 | 000,001,418 | ---- | M] () -- C:\Users\Urbi\Documents\cc_20120306_142245.reg
[2012.02.26 13:51:54 | 000,003,832 | ---- | M] () -- C:\Users\Urbi\Documents\cc_20120226_135152.reg
[2012.02.22 13:14:20 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Users\Urbi\AppData\Roaming\*.tmp files -> C:\Users\Urbi\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.03.20 12:33:17 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.03.20 12:17:51 | 000,019,816 | ---- | C] () -- C:\Users\Urbi\Documents\cc_20120320_121749.reg
[2012.03.18 21:14:10 | 000,002,964 | ---- | C] () -- C:\Users\Urbi\Desktop\Attach.zip
[2012.03.18 19:52:26 | 000,050,477 | ---- | C] () -- C:\Users\Urbi\Desktop\Defogger.exe
[2012.03.18 19:46:14 | 000,004,098 | ---- | C] () -- C:\Users\Urbi\Documents\cc_20120318_194613.reg
[2012.03.18 19:42:59 | 000,001,635 | ---- | C] () -- C:\Users\Urbi\Desktop\Uniblue RegistryBooster.lnk
[2012.03.18 17:17:33 | 000,000,907 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update ESET's license.lnk
[2012.03.18 00:30:44 | 000,000,034 | ---- | C] () -- C:\Users\Urbi\AppData\Roaming\blckdom.res
[2012.03.15 18:36:50 | 000,001,976 | ---- | C] () -- C:\Users\Urbi\Documents\cc_20120315_183649.reg
[2012.03.06 14:22:46 | 000,001,418 | ---- | C] () -- C:\Users\Urbi\Documents\cc_20120306_142245.reg
[2012.02.26 13:51:53 | 000,003,832 | ---- | C] () -- C:\Users\Urbi\Documents\cc_20120226_135152.reg
[2011.10.23 15:40:19 | 000,050,477 | ---- | C] () -- C:\Program Files\Defogger.exe
[2011.08.24 15:55:24 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.06.22 19:10:56 | 000,005,038 | ---- | C] () -- C:\Windows\MC9DEMO.INI
[2011.06.20 19:24:15 | 000,000,056 | ---- | C] () -- C:\Windows\MC10demo.INI
[2011.02.14 21:02:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.11.30 15:01:42 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\013E07AF38.sys
[2010.11.30 14:36:14 | 000,003,140 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2010.10.17 17:58:40 | 000,000,096 | -HS- | C] () -- C:\Windows\WSYS049.SYS
[2010.10.17 17:58:21 | 000,204,295 | ---- | C] () -- C:\Windows\Photo Pos Pro Uninstaller.exe
[2010.07.25 12:31:02 | 000,000,680 | ---- | C] () -- C:\Users\Urbi\AppData\Local\d3d9caps.dat
[2010.06.22 11:52:49 | 000,001,914 | ---- | C] () -- C:\Users\Urbi\AppData\Roaming\wklnhst.dat
[2010.06.15 18:16:45 | 000,009,216 | ---- | C] () -- C:\Users\Urbi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.12 12:11:25 | 000,001,302 | ---- | C] () -- C:\ProgramData\ss.ini
[2010.04.06 11:10:15 | 000,225,411 | ---- | C] () -- C:\Windows\SysWow64\PosPrKpLib.dll
[2010.04.06 11:10:07 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\PosTickerLib.dll
========== LOP Check ==========
[2012.03.19 12:12:23 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\08017
[2010.04.11 16:00:30 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\Acoustica
[2011.08.31 15:57:53 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\Azureus
[2011.11.26 16:35:50 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\benibela
[2010.11.03 11:14:24 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\CadSoft
[2009.12.17 15:07:38 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\DAEMON Tools Lite
[2009.12.17 14:38:22 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\DAEMON Tools Pro
[2011.05.09 21:08:29 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\Dev-Cpp
[2011.01.25 17:19:33 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\Downloaded Installations
[2011.03.02 19:22:48 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.09.16 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\ElevatedShortcut
[2011.11.09 21:02:53 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\ESET
[2011.05.19 18:32:38 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\GetRightToGo
[2010.11.29 21:27:24 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\HTC
[2010.11.29 21:27:37 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.03.19 21:52:00 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\ICQ
[2011.11.28 19:27:03 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\Nitro PDF
[2011.11.07 19:02:26 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\OpenCandy
[2010.12.01 15:25:00 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\OpenOffice.org
[2011.04.11 18:41:15 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\PCDr
[2010.11.29 21:17:29 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\Teleca
[2010.06.22 11:52:50 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\Template
[2010.12.30 20:49:50 | 000,000,000 | ---D | M] -- C:\Users\Urbi\AppData\Roaming\TS3Client
[2012.03.20 14:09:37 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report > --- --- ---
--- --- ---
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 20.03.2012 14:17:14 - Run 3
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\Urbi\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,00 Gb Total Physical Memory | 4,23 Gb Available Physical Memory | 70,52% Memory free
12,10 Gb Paging File | 10,15 Gb Available in Paging File | 83,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,68 Gb Total Space | 253,60 Gb Free Space | 56,27% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 5,66 Gb Free Space | 37,73% Space Free | Partition Type: NTFS
Computer Name: URBI-PC | User Name: Urbi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d j && icacls "%1" /grant administratoren:F /t && icacls "%1" /grant "authentifizierte benutzer":F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d j && icacls "%1" /grant administratoren:F /t && icacls "%1" /grant "authentifizierte benutzer":F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 65 B1 89 89 56 6C CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10D490EE-B0E6-4E31-BA7D-427DD9DB011E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{398B8C02-F454-4F96-A3EB-C6D62A43A280}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{E55E8D3B-7574-472E-A2BE-FBE1E50D518E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DBF1A3D-3886-4DDB-9369-292D54EA65D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{10FD4B05-E808-4495-93E2-F8EC5A3B9416}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{1391A1F6-582C-44E4-AA79-75D979A29DD3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{155C710A-8F1F-4E71-B8FC-12CE16CEA2CC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{19D10588-B6EA-4E0E-BD36-A4A2C169DE81}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{1F54E8EA-81C6-450D-B436-DD42C10377DC}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{20F310E7-BE07-497A-BD7A-80B98D59340C}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{250F7D4E-C5B0-4C48-96DB-936D504F996D}" = protocol=6 | dir=in | app=c:\program files (x86)\easy downloads\easydl.exe |
"{2888FB0C-A339-40B1-B511-2711FAE8EF79}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2C626B09-36D9-4C70-A306-3B73F23F38AE}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\hp1006mc.exe |
"{2F2315EE-A7FF-49EA-A860-D5F090F67E1D}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{3F47BFED-56B9-4A60-9B49-1AEB3F5A7EBD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4F3A86BA-B103-4508-A676-02CAF2539B9D}" = protocol=17 | dir=in | app=c:\program files (x86)\easy downloads\easydl.exe |
"{76189A5C-9F02-4722-9FE2-A441DB71E718}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{8782F0EC-8F90-40C6-94B8-D796FB225BA1}" = protocol=17 | dir=in | app=c:\program files (x86)\easy downloads\easydownloads.exe |
"{91D86DEB-85F6-4FA0-AE83-9C635E87B324}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{9770529D-480E-408D-AFE2-5F5AB1D50D33}" = protocol=6 | dir=in | app=c:\program files (x86)\easy downloads\easydownloads.exe |
"{97E3610E-E2A9-4C89-AB4E-8973F71E46E8}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\hp1006mc.exe |
"{9F616DA5-F8F7-41C1-8A4B-F41F73E9415E}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{A1BB417E-6CD4-4446-BD81-20B543E9B819}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{B0FFF4A7-3EBC-4F1C-A56C-E5F9636FEFFC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\dseatze_moaf_gagga\counter-strike\hl.exe |
"{B64D4728-AFC1-4B35-90E9-3213DDCAD776}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C5D93ECF-C364-46FB-B80E-95544BD66A43}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{CD22AC1C-56F1-4404-AEB0-22DD9B2968F1}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{D2CF1B24-CFE1-4CC1-BF36-A121D67F7397}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DFA17C94-6302-42D2-8A34-41824E77D8AC}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{E78A5198-094D-42A7-B6D2-204DE8F02EE8}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{EA840450-621D-477E-80B6-B96F31D9A42C}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{EF99D71F-D3B5-47D0-86E9-161A0CE9C423}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\dseatze_moaf_gagga\counter-strike\hl.exe |
"{FE713204-E473-430F-B76B-6A10728431BB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"TCP Query User{0AB746F6-9589-4E3D-A339-0DBF0FF71FB6}C:\firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\firefox\plugin-container.exe |
"TCP Query User{0C80F2E6-3CC9-434B-8E91-9419472161D5}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{26B157A6-9E98-42A7-B0D1-248EA68E8780}C:\users\urbi\appdata\local\temp\rarsfx0\bie_kms.exe" = protocol=6 | dir=in | app=c:\users\urbi\appdata\local\temp\rarsfx0\bie_kms.exe |
"TCP Query User{3B9F3B71-5AC6-4F2E-85E5-D49B6C55C49A}C:\program files (x86)\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\azureus\azureus.exe |
"TCP Query User{4B9FA84B-A932-49D9-963B-D7AA0152B517}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{9833256D-89EE-4272-850D-1ADE472002A5}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{B35F996A-1CCF-4963-80BE-FA98EC5E2B29}C:\users\urbi\appdata\local\temp\rarsfx1\bie_kms.exe" = protocol=6 | dir=in | app=c:\users\urbi\appdata\local\temp\rarsfx1\bie_kms.exe |
"TCP Query User{B66B3988-C1A3-49A1-A0F1-5A43D0C8CED3}C:\program files (x86)\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\call of duty - black ops\blackops.exe |
"UDP Query User{0794A955-ACE5-4CBE-B801-C1E33C8D39BC}C:\program files (x86)\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\azureus\azureus.exe |
"UDP Query User{6F698CD9-3720-4DA1-B200-957AD689FA8B}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{B03D0B39-F8A8-4802-B23D-BA488F610E70}C:\users\urbi\appdata\local\temp\rarsfx1\bie_kms.exe" = protocol=17 | dir=in | app=c:\users\urbi\appdata\local\temp\rarsfx1\bie_kms.exe |
"UDP Query User{C759552C-3DF1-485A-B525-7FF3E58AD8C2}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{D6EB7F0E-ECBD-4C88-ABC6-21B44C669C14}C:\program files (x86)\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\call of duty - black ops\blackops.exe |
"UDP Query User{EC883BC2-D666-4FFB-BBF3-4D47D377AF55}C:\users\urbi\appdata\local\temp\rarsfx0\bie_kms.exe" = protocol=17 | dir=in | app=c:\users\urbi\appdata\local\temp\rarsfx0\bie_kms.exe |
"UDP Query User{EE2EF21D-6902-4656-943B-8980A4250C6E}C:\firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\firefox\plugin-container.exe |
"UDP Query User{FFEE815B-718D-4EA7-8DDF-C6A5197693D3}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06088E65-A95F-4926-897F-D86FB7A9C6D9}" = Nitro PDF Reader
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0457-000001000000}" = 7-Zip 4.57 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416031FF}" = Java(TM) 6 Update 31 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61A177CE-86A3-433F-BFE2-41AB9123A268}" = ESET NOD32 Antivirus
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{850C7AF6-7376-464D-A69C-E8419EC7ACA7}" = Microsoft IntelliType Pro 7.0
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{E4C229B2-51E3-49E7-3A42-A3B695B4E56E}" = ccc-utility64
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{EAFC065C-0576-4DE9-8FDB-4D943367506E}" = Oracle VM VirtualBox 3.2.10
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA300000-0001-6400-0000-074957833700}" = ABBYY PDF Transformer 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{03534DA5-2F88-4B8E-A978-849B979E1B8F}" = TuxGuitar
"{04D5E56E-F323-27F2-C075-EF1AE9A3CF2B}" = Catalyst Control Center Graphics Light
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{07288267-318E-9B78-B04E-984F9149EE24}" = Catalyst Control Center Graphics Previews Common
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B23ACC5-88A6-FEE4-0131-8777A1BA0B68}" = Catalyst Control Center Graphics Previews Vista
"{0CD81D7E-94E2-D230-E37E-C9B16E90D01C}" = CCC Help Italian
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{16A7FAD8-EE4F-C413-8359-833A3B2D39FB}" = CCC Help Portuguese
"{18364179-C5E5-F826-E2FC-D99D575AF997}" = Catalyst Control Center Localization All
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{30228022-6558-412B-82C4-B1949F90273F}_is1" = Call of Duty - Modern Warfare 2
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{44A69352-33DD-405E-ADB8-2D768643BBAE}_is1" = AnyBizSoft PDF to Word (Build 3.0.0)
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47C72DA6-E7AC-984C-5475-15A65F9B41BE}" = Catalyst Control Center Graphics Full New
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A918155-6399-4673-0D08-85A0DBEC1389}" = CCC Help Chinese Traditional
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.2
"{537791BE-B032-D116-0C59-13541E17BFEA}" = CCC Help English
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66DAE8D7-D5F7-462F-5815-102EE4B191C4}" = CCC Help Korean
"{67DAF4C3-58CA-4EDB-B734-D97684FC379E}" = General Runtime Files for Nemetschek Allplan 2009
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7262D0C8-41CC-4F75-8383-A6C7C61D7FC6}" = Nemetschek SoftLock 2006
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{74656168-CF28-40BD-9D87-700B07BAF9B6}" = HTC Sync
"{763B809A-6874-5979-CD69-39491392262C}" = Catalyst Control Center InstallProxy
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E4413BB-CE31-4E01-A1C0-E37BDD0187CE}" = Nero 11
"{7FE440D8-8F16-24CA-81B6-7DEB4D6BF92D}" = CCC Help Hungarian
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.9.0
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88D3B829-DBA4-D839-33BF-9A5794CC21EB}" = CCC Help Chinese Standard
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{9044B9A5-B7D7-3EA2-B20B-49A47853D62F}" = CCC Help Spanish
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A7F37935-A880-8657-79CE-F98BF3A358E1}" = CCC Help Turkish
"{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AA388319-08DE-4943-A739-5BC257F50B61}" = NI LabVIEW Run-Time Engine 8.6
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B297076F-905F-7E13-57EF-7D254EBB7589}" = CCC Help Japanese
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BAED3957-C271-4670-A50D-8D7438701917}" = Nemetschek Allplan 2009
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D1B8C6AC-C4F8-E8AF-E157-AF3E16B97903}" = CCC Help French
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D9EB0916-F277-4C54-830A-772833FD20A4}" = Micro-Cap 10 Evaluation
"{DC702FC1-4746-CD99-0578-02839474C2F8}" = Skins
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{DFAA3C20-5968-46A3-B7B0-0AF72D758A59}" = HTC Sync
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E59145A6-2D21-9E5C-6551-ACA2539CDE50}" = ccc-core-static
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E89371A0-2FCD-F518-EECB-09AB27724CEE}" = CCC Help German
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{ED06F22F-DADB-E713-2E49-EEB154950285}" = Catalyst Control Center Graphics Full Existing
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F6706DF9-B0B6-8496-F302-BF511197A32F}" = Catalyst Control Center Core Implementation
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"5513-1208-7298-9440" = JDownloader 0.9
"ABBYY PDF Transformer 3.0" = ABBYY PDF Transformer 3.0
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 4.5" = Acoustica Mixcraft 4.5
"Acoustica Mixcraft 5" = Acoustica Mixcraft 5
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced PDF-to-Word 1.0 Demo" = Advanced PDF-to-Word 1.0 Demo
"Advanced RAR Repair v1.2" = Advanced RAR Repair v1.2
"AVMWLANCLI" = AVM FRITZ!WLAN
"BlueJ_is1" = BlueJ 2.5.3
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"DVD Flick_is1" = DVD Flick 1.3.0.7
"EAGLE 5.10.0" = EAGLE 5.10.0
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Google Chrome" = Google Chrome
"Guitar Pro 5_is1" = Guitar Pro 5.0
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Micro-Cap Evaluation 9.0" = Micro-Cap Evaluation 9.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"PDF Blender" = PDF Blender
"Photo Pos Pro" = Photo Pos Pro
"Security Task Manager" = Security Task Manager 1.8d
"Stronghold 3 (c) THQ_is1" = Stronghold 3 (c) THQ version 1
"TexMakerX_is1" = TexMakerX 2.1
"TmNationsForever_is1" = TmNationsForever
"TuxGuitar 1.1" = TuxGuitar
"TuxGuitar_0" = TuxGuitar 1.2
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Uninstall_is1" = Uninstall 1.0.0.1
"vShare.tv plugin" = vShare.tv plugin 1.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zip Repair Pro_is1" = Zip Repair Pro
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.01.2012 15:37:36 | Computer Name = Urbi-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Stronghold3.exe, Version 0.0.0.0, Zeitstempel
0x4ed9324c, fehlerhaftes Modul vision100.dll, Version 8.1.8.0, Zeitstempel 0x4e9ff7c0,
Ausnahmecode 0xc0000005, Fehleroffset 0x0004c6d4, Prozess-ID 0x1154, Anwendungsstartzeit
01ccd6e0ee4e5395.
Error - 19.01.2012 15:37:37 | Computer Name = Urbi-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Stronghold3.exe, Version 0.0.0.0, Zeitstempel
0x4ed9324c, fehlerhaftes Modul vBase100.dll, Version 8.1.8.0, Zeitstempel 0x4e9ff795,
Ausnahmecode 0xc0000005, Fehleroffset 0x0005ba8e, Prozess-ID 0x1154, Anwendungsstartzeit
01ccd6e0ee4e5395.
Error - 19.01.2012 18:26:48 | Computer Name = Urbi-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.6001.19170 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 109c Anfangszeit: 01ccd6f6c32f2255 Zeitpunkt
der Beendigung: 10
Error - 19.01.2012 18:42:11 | Computer Name = Urbi-PC | Source = EventSystem | ID = 4621
Description =
Error - 20.01.2012 11:45:22 | Computer Name = Urbi-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.01.2012 11:49:00 | Computer Name = Urbi-PC | Source = LoadPerf | ID = 3012
Description =
Error - 20.01.2012 11:49:00 | Computer Name = Urbi-PC | Source = LoadPerf | ID = 3012
Description =
Error - 20.01.2012 11:49:00 | Computer Name = Urbi-PC | Source = LoadPerf | ID = 3011
Description =
Error - 20.01.2012 15:03:13 | Computer Name = Urbi-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Stronghold3.exe, Version 0.0.0.0, Zeitstempel
0x4ed9324c, fehlerhaftes Modul StrongholdBase.dll, Version 0.0.0.0, Zeitstempel
0x4ed93246, Ausnahmecode 0xc0000005, Fehleroffset 0x0007f7ab, Prozess-ID 0x1098,
Anwendungsstartzeit 01ccd79e3b65b9d0.
Error - 20.01.2012 18:16:29 | Computer Name = Urbi-PC | Source = EventSystem | ID = 4621
Description =
[ System Events ]
Error - 16.03.2012 07:39:57 | Computer Name = Urbi-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 16.03.2012 07:40:27 | Computer Name = Urbi-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 16.03.2012 07:40:27 | Computer Name = Urbi-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 18.03.2012 09:40:09 | Computer Name = Urbi-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
Error - 18.03.2012 15:31:25 | Computer Name = Urbi-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
Error - 18.03.2012 18:25:38 | Computer Name = Urbi-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 001F3F09796E zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 19.03.2012 10:45:47 | Computer Name = Urbi-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
Error - 19.03.2012 17:21:15 | Computer Name = Urbi-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
Error - 20.03.2012 06:14:44 | Computer Name = Urbi-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 20.03.2012 06:42:27 | Computer Name = Urbi-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
< End of report > --- --- --- |