Code:
OTL logfile created on: 18.07.2012 20:04:18 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = D:\[ iNcoming ]
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 65,98% Memory free
8,00 Gb Paging File | 6,39 Gb Available in Paging File | 79,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 58,19 Gb Free Space | 59,58% Space Free | Partition Type: NTFS
Drive D: | 443,21 Gb Total Space | 30,54 Gb Free Space | 6,89% Space Free | Partition Type: NTFS
Drive E: | 195,32 Gb Total Space | 49,74 Gb Free Space | 25,46% Space Free | Partition Type: NTFS
Drive F: | 195,32 Gb Total Space | 96,56 Gb Free Space | 49,44% Space Free | Partition Type: NTFS
Drive G: | 232,88 Gb Total Space | 10,34 Gb Free Space | 4,44% Space Free | Partition Type: NTFS
Drive H: | 972,21 Mb Total Space | 559,75 Mb Free Space | 57,57% Space Free | Partition Type: FAT32
Drive K: | 1,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: MAINTERMINAL | User Name: 3viL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.18 20:02:01 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\[ iNcoming ]\OTL.exe
PRC - [2012.05.18 10:26:36 | 000,932,528 | ---- | M] () -- C:\Users\3viL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012.05.10 04:00:09 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\Users\3viL\AppData\Roaming\Xile\inoxe.exe
PRC - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.02.23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011.12.09 19:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011.04.24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
========== Modules (No Company Name) ==========
MOD - [2012.05.18 10:26:36 | 000,932,528 | ---- | M] () -- C:\Users\3viL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.05.07 19:07:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.07.18 18:55:43 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.11 23:21:29 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.24 19:50:41 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.03.02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012.03.02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011.11.14 11:16:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\3viL\AppData\Local\Temp\7zS6364\hpslpsvc64.dll -- (HPSLPSVC)
SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.04.24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.07.13 09:18:38 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.05.07 19:08:11 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012.05.07 19:08:11 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.05.07 19:07:28 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.05.07 19:06:26 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.04.24 11:37:05 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.12.16 17:53:01 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2011.12.02 12:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011.09.02 08:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 18:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011.03.04 13:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011.03.04 13:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.11.05 13:03:34 | 000,270,400 | ---- | M] (TerraTec Electronic GmbH.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Cinergy_HT_PCI_MKII.sys -- (Cinergy_HT_PCI_MKII) Cinergy HT PCI (MKII)
DRV:64bit: - [2009.11.02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.10.05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.09.28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 13 3A F1 A1 F1 64 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {ADFA3175-D332-467A-976F-C7395F54A20F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{ADFA3175-D332-467A-976F-C7395F54A20F}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..network.proxy.http: "188.93.17.193"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.04.25 13:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.07.13 09:49:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.07.13 09:49:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.07.13 09:49:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 18:55:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.20 16:42:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.23 00:16:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.04.25 13:40:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 18:55:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.20 16:42:16 | 000,000,000 | ---D | M]
[2012.04.20 16:04:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\3viL\AppData\Roaming\mozilla\Extensions
[2012.07.12 22:06:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\3viL\AppData\Roaming\mozilla\Firefox\Profiles\hxt3bbzx.default\extensions
[2012.04.20 16:18:00 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\3viL\AppData\Roaming\mozilla\Firefox\Profiles\hxt3bbzx.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2012.05.23 23:18:32 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\3viL\AppData\Roaming\mozilla\Firefox\Profiles\hxt3bbzx.default\extensions\ich@maltegoetz.de
[2012.04.20 16:18:00 | 000,000,000 | ---D | M] (Password Reuse Visualizer) -- C:\Users\3viL\AppData\Roaming\mozilla\Firefox\Profiles\hxt3bbzx.default\extensions\jid1-bOHVlh4oBvBc7A@jetpack
[2012.04.20 16:04:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.10.30 10:54:28 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\3VIL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HXT3BBZX.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012.06.15 23:54:19 | 000,182,698 | ---- | M] () (No name found) -- C:\USERS\3VIL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HXT3BBZX.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2012.07.18 18:55:43 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U3 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\3viL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\3viL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\3viL\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\3viL\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Google Mail = C:\Users\3viL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\3viL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [Qaovva] C:\Users\3viL\AppData\Roaming\Xile\inoxe.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\3viL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - Startup: C:\Users\3viL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\3viL\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\3viL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk = C:\Program Files (x86)\Password Safe\pwsafe.exe (SourceForge.net)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24F4A864-586E-4C51-AA03-6CD5B84394F7}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F873909E-CBC7-471F-BB4A-1A7CF6ACBE9C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.22 17:17:28 | 000,000,175 | R--- | M] () - K:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{63956840-8df7-11e1-8886-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{63956840-8df7-11e1-8886-806e6f6e6963}\Shell\AutoRun\command - "" = K:\setup.exe -- [2010.03.12 08:05:40 | 001,377,656 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{63956840-8df7-11e1-8886-806e6f6e6963}\Shell\configure\command - "" = K:\setup.exe -- [2010.03.12 08:05:40 | 001,377,656 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{63956840-8df7-11e1-8886-806e6f6e6963}\Shell\install\command - "" = K:\setup.exe -- [2010.03.12 08:05:40 | 001,377,656 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.07.18 19:36:11 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\Wireshark
[2012.07.18 19:32:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wireshark
[2012.07.18 19:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2012.07.18 19:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2012.07.18 19:16:23 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
[2012.07.18 19:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
[2012.07.18 19:16:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cain
[2012.07.18 08:21:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2012.07.18 08:21:03 | 000,000,000 | ---D | C] -- C:\Users\3viL\Documents\Anti-Malware
[2012.07.13 22:52:57 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Local\Diagnostics
[2012.07.13 22:30:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Mein Geld 2012
[2012.07.13 14:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge
[2012.07.13 14:20:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gameforge
[2012.07.13 09:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2012
[2012.07.13 09:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.07.13 09:18:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2012.07.13 09:18:38 | 000,615,728 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.07.12 23:34:47 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Local\Nero_AG
[2012.07.12 23:34:29 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\Nero
[2012.07.12 23:34:11 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Local\Nero
[2012.07.12 19:59:20 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Local\ElevatedDiagnostics
[2012.07.12 19:52:55 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\QuickScan
[2012.07.12 00:15:14 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\dvdcss
[2012.07.12 00:00:09 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\Ydam
[2012.07.12 00:00:09 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\Xile
[2012.07.12 00:00:09 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\Leebim
[2012.07.10 00:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Buhl
[2012.07.09 20:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012.07.07 00:34:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2012.07.07 00:32:34 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Local\BlueStacksSetup
[2012.07.07 00:28:37 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\pdfforge
[2012.07.07 00:28:32 | 000,095,744 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.07.07 00:28:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012.07.04 23:15:16 | 000,000,000 | ---D | C] -- C:\Users\3viL\Documents\LOCO
[2012.07.01 23:20:29 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\ZombieDriver
[2012.07.01 23:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.07.01 23:20:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2012.07.01 23:20:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012.07.01 23:19:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012.07.01 23:19:32 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012.07.01 23:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2012.07.01 22:28:29 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\LolClient
[2012.07.01 20:25:53 | 000,000,000 | ---D | C] -- C:\Users\3viL\Documents\Dungeons and Dragons Online
[2012.06.29 17:46:28 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Local\Turbine
[2012.06.29 17:46:26 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Local\ApplicationHistory
[2012.06.29 17:45:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2012.06.29 10:06:07 | 000,000,000 | ---D | C] -- C:\Users\3viL\AppData\Roaming\Braid
[2012.06.20 21:51:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.18 20:04:43 | 000,022,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.18 20:04:43 | 000,022,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.18 19:57:21 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.18 19:57:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.18 19:56:58 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.18 19:32:32 | 000,001,776 | ---- | M] () -- C:\Users\Public\Desktop\Wireshark.lnk
[2012.07.18 19:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.18 19:16:23 | 000,001,833 | ---- | M] () -- C:\Users\3viL\Desktop\Cain.lnk
[2012.07.18 19:13:01 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.16 23:54:18 | 000,000,201 | ---- | M] () -- C:\Users\3viL\Desktop\Saints Row The Third.url
[2012.07.14 17:15:23 | 000,417,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.14 01:51:51 | 000,000,199 | ---- | M] () -- C:\Users\3viL\Desktop\Portal 2.url
[2012.07.13 14:20:13 | 000,002,219 | ---- | M] () -- C:\Users\Public\Desktop\AION Free-To-Play.lnk
[2012.07.13 09:22:42 | 000,017,408 | ---- | M] () -- C:\Users\3viL\AppData\Local\WebpageIcons.db
[2012.07.13 09:20:05 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2012.07.13 09:20:05 | 000,107,177 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2012.07.13 09:18:38 | 000,615,728 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.07.12 23:04:47 | 001,642,542 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.12 23:04:47 | 000,707,446 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.12 23:04:47 | 000,661,064 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.12 23:04:47 | 000,153,038 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.12 23:04:47 | 000,125,254 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.12 20:33:43 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.07.11 11:20:45 | 000,065,327 | ---- | M] () -- C:\Users\3viL\Documents\On4u3Log (11.07.2012).xip
[2012.07.11 09:45:04 | 001,460,721 | ---- | M] () -- C:\Users\3viL\Desktop\IMG_0001.pdf
[2012.07.06 23:59:31 | 000,019,957 | ---- | M] () -- C:\Users\3viL\Desktop\NikeStore.pdf
[2012.07.05 13:02:30 | 000,095,744 | ---- | M] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.07.05 12:42:14 | 000,000,566 | ---- | M] () -- C:\Users\3viL\Desktop\Lord of Legends.lnk
[2012.07.01 23:19:32 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012.07.01 23:19:32 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012.07.01 20:49:01 | 000,000,201 | ---- | M] () -- C:\Users\3viL\Desktop\Zombie Driver.url
[2012.07.01 20:19:29 | 001,675,630 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.29 17:46:26 | 000,000,092 | ---- | M] () -- C:\Users\3viL\AppData\Local\fusioncache.dat
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.18 19:32:32 | 000,001,776 | ---- | C] () -- C:\Users\Public\Desktop\Wireshark.lnk
[2012.07.18 19:16:23 | 000,001,833 | ---- | C] () -- C:\Users\3viL\Desktop\Cain.lnk
[2012.07.16 23:54:18 | 000,000,201 | ---- | C] () -- C:\Users\3viL\Desktop\Saints Row The Third.url
[2012.07.14 01:51:51 | 000,000,199 | ---- | C] () -- C:\Users\3viL\Desktop\Portal 2.url
[2012.07.13 14:20:13 | 000,002,219 | ---- | C] () -- C:\Users\Public\Desktop\AION Free-To-Play.lnk
[2012.07.13 09:22:35 | 000,017,408 | ---- | C] () -- C:\Users\3viL\AppData\Local\WebpageIcons.db
[2012.07.13 09:20:05 | 000,152,233 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2012.07.13 09:20:05 | 000,107,177 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2012.07.11 11:20:45 | 000,065,327 | ---- | C] () -- C:\Users\3viL\Documents\On4u3Log (11.07.2012).xip
[2012.07.11 09:45:02 | 001,460,721 | ---- | C] () -- C:\Users\3viL\Desktop\IMG_0001.pdf
[2012.07.06 23:59:29 | 000,019,957 | ---- | C] () -- C:\Users\3viL\Desktop\NikeStore.pdf
[2012.07.05 12:42:14 | 000,000,566 | ---- | C] () -- C:\Users\3viL\Desktop\Lord of Legends.lnk
[2012.07.01 20:49:01 | 000,000,201 | ---- | C] () -- C:\Users\3viL\Desktop\Zombie Driver.url
[2012.06.29 17:46:26 | 000,000,092 | ---- | C] () -- C:\Users\3viL\AppData\Local\fusioncache.dat
[2012.05.03 01:56:37 | 000,000,587 | ---- | C] () -- C:\Windows\hpomdl30.dat.temp
[2012.04.25 13:33:26 | 000,221,034 | ---- | C] () -- C:\Windows\hpoins30.dat
[2012.04.25 13:33:26 | 000,000,587 | ---- | C] () -- C:\Windows\hpomdl30.dat
[2012.04.21 00:23:47 | 000,100,352 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2012.04.21 00:23:45 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\libpng13.dll
[2012.04.21 00:23:42 | 001,179,595 | ---- | C] () -- C:\Windows\unins002.exe
[2012.04.21 00:23:42 | 000,010,828 | ---- | C] () -- C:\Windows\unins002.dat
[2012.04.21 00:19:10 | 000,709,719 | ---- | C] () -- C:\Windows\unins001.exe
[2012.04.21 00:19:10 | 000,007,961 | ---- | C] () -- C:\Windows\unins001.dat
[2012.04.21 00:18:11 | 001,199,175 | ---- | C] () -- C:\Windows\unins000.exe
[2012.04.21 00:18:11 | 000,021,529 | ---- | C] () -- C:\Windows\unins000.dat
[2012.04.20 22:00:42 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.04.20 15:54:42 | 001,675,630 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.20 15:07:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== LOP Check ==========
[2012.05.07 02:33:34 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\.minecraft
[2012.06.29 10:07:18 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Braid
[2012.04.21 08:43:16 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Buhl Data Service
[2012.06.11 23:21:25 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Buhl Data Service GmbH
[2012.04.29 20:09:15 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\DAEMON Tools Lite
[2012.07.18 19:59:00 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Dropbox
[2012.07.18 19:46:38 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\FileZilla
[2012.06.06 08:26:10 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\fltk.org
[2012.05.08 10:09:48 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Foxit Software
[2012.04.20 16:27:49 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Leadertech
[2012.07.12 00:00:09 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Leebim
[2012.07.01 22:28:29 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\LolClient
[2012.06.08 07:00:32 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\LoneSurvivor
[2012.05.14 01:46:15 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\MoreTerra
[2012.07.11 12:57:51 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Mp3tag
[2012.04.20 18:41:34 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Notepad++
[2012.07.07 00:28:37 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\pdfforge
[2012.07.12 19:52:59 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\QuickScan
[2012.05.19 22:57:30 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\runic games
[2012.06.08 06:46:23 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Samsung
[2012.04.22 03:48:03 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\SoftGrid Client
[2012.05.18 21:21:01 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Spotify
[2012.07.11 11:01:42 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\TeamViewer
[2012.04.21 00:21:09 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Thunderbird
[2012.04.24 12:59:34 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Trillian
[2012.07.13 20:25:44 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\TS3Client
[2012.07.18 19:36:11 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Wireshark
[2012.07.12 00:00:09 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Xile
[2012.07.18 19:59:46 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\Ydam
[2012.07.01 23:20:53 | 000,000,000 | ---D | M] -- C:\Users\3viL\AppData\Roaming\ZombieDriver
[2012.06.28 21:13:51 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012.04.26 18:34:16 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.06.08 06:46:13 | 000,000,000 | ---D | M] -- C:\AllShare
[2012.04.20 16:10:47 | 000,000,000 | ---D | M] -- C:\AMD
[2012.07.15 20:46:46 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.07.17 07:53:33 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.04.20 15:21:20 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.06.08 06:46:31 | 000,000,000 | ---D | M] -- C:\Download
[2012.07.12 20:32:34 | 000,000,000 | -H-D | M] -- C:\kleaner.tmp
[2012.04.24 12:29:19 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.07.13 21:59:29 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.07.18 19:32:26 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.07.14 17:14:58 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.04.20 15:21:20 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.04.20 15:21:20 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.07.18 20:06:41 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.04.20 15:21:29 | 000,000,000 | R--D | M] -- C:\Users
[2012.07.18 19:56:57 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2012.07.18 20:14:04 | 002,359,296 | -HS- | M] () -- C:\Users\3viL\ntuser.dat
[2012.07.18 20:14:04 | 000,262,144 | -HS- | M] () -- C:\Users\3viL\ntuser.dat.LOG1
[2012.04.20 15:21:31 | 000,000,000 | -HS- | M] () -- C:\Users\3viL\ntuser.dat.LOG2
[2012.04.20 15:24:08 | 000,065,536 | -HS- | M] () -- C:\Users\3viL\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.04.20 15:24:08 | 000,524,288 | -HS- | M] () -- C:\Users\3viL\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.04.20 15:24:08 | 000,524,288 | -HS- | M] () -- C:\Users\3viL\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.06.09 01:01:15 | 000,065,536 | -HS- | M] () -- C:\Users\3viL\ntuser.dat{91a5f164-b18a-11e1-9c59-0016e6ddea30}.TM.blf
[2012.06.09 01:01:15 | 000,524,288 | -HS- | M] () -- C:\Users\3viL\ntuser.dat{91a5f164-b18a-11e1-9c59-0016e6ddea30}.TMContainer00000000000000000001.regtrans-ms
[2012.06.09 01:01:15 | 000,524,288 | -HS- | M] () -- C:\Users\3viL\ntuser.dat{91a5f164-b18a-11e1-9c59-0016e6ddea30}.TMContainer00000000000000000002.regtrans-ms
[2012.04.20 15:21:31 | 000,000,020 | -HS- | M] () -- C:\Users\3viL\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< >
< End of report > Code:
OTL Extras logfile created on: 18.07.2012 20:04:18 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = D:\[ iNcoming ]
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 65,98% Memory free
8,00 Gb Paging File | 6,39 Gb Available in Paging File | 79,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 58,19 Gb Free Space | 59,58% Space Free | Partition Type: NTFS
Drive D: | 443,21 Gb Total Space | 30,54 Gb Free Space | 6,89% Space Free | Partition Type: NTFS
Drive E: | 195,32 Gb Total Space | 49,74 Gb Free Space | 25,46% Space Free | Partition Type: NTFS
Drive F: | 195,32 Gb Total Space | 96,56 Gb Free Space | 49,44% Space Free | Partition Type: NTFS
Drive G: | 232,88 Gb Total Space | 10,34 Gb Free Space | 4,44% Space Free | Partition Type: NTFS
Drive H: | 972,21 Mb Total Space | 559,75 Mb Free Space | 57,57% Space Free | Partition Type: FAT32
Drive K: | 1,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: MAINTERMINAL | User Name: 3viL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C7137D-2EE1-451D-B840-010DE58376FB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{168D70EB-6B3B-46AC-8E14-B40454CBC273}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{24A90A64-44A7-4682-8E90-F2514322F656}" = lport=2869 | protocol=6 | dir=in | app=system |
"{26FAC651-6275-4E19-BA5F-C59F43182546}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{275A4362-6D6F-45C6-8E00-196C126593F4}" = lport=137 | protocol=17 | dir=in | app=system |
"{392F8C84-A5FE-4792-BF64-99FF679D69D0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4951E4F9-E50E-4040-A5A4-CC43D17B8A5C}" = lport=139 | protocol=6 | dir=in | app=system |
"{5375DC44-24E2-488E-8202-929A0993C3D7}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{5920995F-FF7B-4D10-A457-A95AF0A8FFD8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{77E0D459-9DCF-4567-A3D7-471B1F0B0B92}" = rport=445 | protocol=6 | dir=out | app=system |
"{7E362D1E-3499-4BFC-8014-DA93DF85AE16}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8558A5DE-18A3-425F-A578-317EF5BD49BA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9723EFE7-A35A-4FFF-BA14-30CAE643E10C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A831CBD7-3806-4B47-98B8-91BFE4B0D132}" = lport=138 | protocol=17 | dir=in | app=system |
"{AAD3D12A-534C-42F6-B3F6-8CFCE99E4688}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BE6BA6AE-D06E-4B00-B71E-E63F76C2A8FA}" = rport=139 | protocol=6 | dir=out | app=system |
"{D9C20322-4078-44AD-A6E4-3D86AAC72050}" = rport=138 | protocol=17 | dir=out | app=system |
"{E2567206-3391-4872-ADD2-4C3F79729061}" = rport=137 | protocol=17 | dir=out | app=system |
"{E53150C3-D571-4637-A339-F527E6A1B573}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E554365C-71F2-4850-8F9C-95D2BF544465}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E7E9BCD2-E376-4FC9-A214-7025136122FE}" = lport=445 | protocol=6 | dir=in | app=system |
"{F8D8C9C6-5F1E-4CAA-BAB2-6F21ACE22E1C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FCC41330-D623-417B-9B6C-B655B3CAE9A0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0188C6D9-D0B2-4F4C-8AC1-E822CD066FAA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0524E4AA-BFA0-47F6-97A8-1575E43D0856}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0591993A-EAA9-40C1-B0F5-503A9AA472CC}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\saints row the third\game_launcher.exe |
"{068E95BE-ACBA-47C0-8410-DDB5141F0983}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0A6708F2-FC0F-4069-80E5-CEEB8D892776}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0E34ADAD-1E7E-4898-886D-FE094864DB38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0ED5E119-5D27-4DB8-9214-574ED62EA1A5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{0F5123AA-54B2-4C12-B537-01D12708A266}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{102DF293-6C0B-4C65-A766-21671A39AEF0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{10C8713B-993B-4077-A145-A10AB03167C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{10DC3C8A-47AC-44A4-9EA9-5A846CEA29C2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{1150642E-CDB6-43BD-8670-05400C7DA3E1}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\portal 2\portal2.exe |
"{13EA275F-8884-41C7-B6F2-495054E041BC}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{169DA958-654C-4538-851E-EC6C0CE27756}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{16CDCC05-B107-4130-B5A7-3B44B8115792}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{16E07A66-7ED1-4B1F-B5AC-61BEF37CDA27}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1DD16A77-0C01-4FF8-9E9E-5DECF818F735}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1FFF7778-3EA0-426F-8645-A6928121DA47}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{2169BE1C-B71D-4274-BAD1-6B67687031FB}" = protocol=6 | dir=out | app=system |
"{23333C66-7886-4D0C-9131-CA945B9434F9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{276B7077-CDF6-4EE0-9FE2-CE220596A173}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{286633D6-3864-4DAB-84FB-F06A822D5E86}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\super meat boy\supermeatboy.exe |
"{2B235009-5F79-42CC-8C5B-A32C26D98C0C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2E0B84C9-A00D-490A-9F45-41C7E87251A0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3180B546-27D2-4F2E-BAD0-A2D0FED9B4BA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{3180BB18-E195-4355-9673-980027BB4DB7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{34607076-6DB3-4720-AAFD-C640E823DBED}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{34F9F24B-572A-4C63-B8CC-A95F13C9787F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{3E96DD76-F8DF-472C-9FFA-DAC17BBF0D7A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4223528C-5E78-41A7-BD70-A8F37BC6A14A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{474D439A-D1ED-4DF3-AACE-C6C45BA4C341}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{47D2A7C8-8B97-4E76-B200-2949DD7C36A7}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{5017351E-CCFB-47DB-AF63-F458279DBAF8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{5835A56C-1D91-448F-B50C-A8F443ABBA58}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\super meat boy\supermeatboy.exe |
"{5AC8372D-FE26-4E18-9BC5-45A94180694A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{6463517D-AC37-47C6-992D-793A08826785}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{6543671A-E9CA-410F-B277-C59CE1AC1B51}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{658C368A-438C-4F7C-A6E9-1F18616E3F9C}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{67DB4C19-DCB9-4C64-B691-C9B95DB5EBB3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{6822790D-5C21-47F9-8F5E-E453E39D614F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{6A2C277D-55FA-4D9A-99BF-24B4579F2E4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{725017D0-C9A6-4127-B4EF-48B3B2FBA217}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{752A9310-0D1D-4541-86EE-D95B05086FE9}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{78D25766-8A86-4DFC-9FA6-49589AC25835}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\portal 2\portal2.exe |
"{7B5046CF-8177-40C4-A929-ED99CB7F9EC2}" = protocol=6 | dir=in | app=e:\steam\steam.exe |
"{824825BA-25DC-49BC-BD8A-B8362C481910}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{855DBE17-DAB3-4611-83A7-29483E488681}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\zombie driver\release\zombiedriver.exe |
"{8670FC05-C1B9-4B73-B6F8-B16B121F6381}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{870FF19C-F7F4-4900-B588-EBCB9CAEEF9B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8A46B39A-FCE9-40F3-8AA6-0379A4FE7E6F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{90610FE3-D0F0-4D34-8FAA-6FC2593127E3}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{94AC8078-54BB-4F21-B1DB-E6B31B11EF38}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A468A2B-D193-4095-A05C-C6C82D80CE52}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{9BDC0618-12B1-48C0-B6C0-7109C3BC37EE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{9EB0C9C4-2FF6-4C92-AD16-11463A37BBC9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A07D9611-9C86-498E-874E-73197594A649}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{A2FB5776-CD16-4752-84AD-DEA08C9C5D96}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{A35D779D-31FE-4DF1-9D26-2AF329BBA16E}" = protocol=17 | dir=in | app=e:\steam\steam.exe |
"{A4DCF04D-B20F-4643-8C0D-90EECC443793}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A643D1BA-4EB5-49CC-9096-A5A54304FDED}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\zombie driver\release\zombiedriver.exe |
"{A9C4DEE4-8677-4B6E-8A78-09C4F404298D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B40C975F-588E-4626-8050-B2821C5B9A62}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{BC05FF5C-8E81-4FFB-878E-076F8D967C28}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{BD2F7C95-9B95-4305-B41E-D4B46BD2D8A7}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{BDA3D8FF-8AC2-41B6-BD3B-0004260E1C87}" = protocol=17 | dir=in | app=c:\users\3vil\appdata\roaming\dropbox\bin\dropbox.exe |
"{C1892E0A-B908-4476-89B4-5C0C06F118CF}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{C1E0FFE2-3059-43C4-87E0-07D601867CEC}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\lone survivor\lonesurvivor\lonesurvivor.exe |
"{CE7504A2-E39F-47D5-8DFB-97065C0F6739}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D0E43AA7-F357-46E7-B7E5-CC7DDBCE7276}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D104CBB0-0DFC-4114-B296-4B7C80106E30}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{DE0A1F5A-664E-46FF-929E-2ECBDB29B22F}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\lone survivor\lonesurvivor\lonesurvivor.exe |
"{DFB7BCAE-960E-4147-95BC-5A7D2E82A803}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{E84F77C8-6D9F-4250-A731-A2190A29E4DE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EA30987E-1C85-47B3-A5C3-2ECC8D7B666B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{EB46EDA4-FE7A-42EA-91EB-8B0432F2BB42}" = protocol=6 | dir=in | app=c:\users\3vil\appdata\roaming\dropbox\bin\dropbox.exe |
"{EE8019BF-4005-4C29-B081-123BEC6D216D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F24902EB-2D0F-41BA-A616-DCCB7CA55DA1}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\saints row the third\game_launcher.exe |
"{F5333413-24B2-4173-BDA5-2065C97CFE63}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FE9AE830-1814-4730-80B3-4CC9ED473705}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"TCP Query User{56FE4FEB-41F7-4549-BF9B-69A22E6EDC35}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{5B1409FE-5554-439D-9623-AF116F568A05}E:\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=e:\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{623EA236-418C-4B0D-BF0C-C4150875055A}C:\users\3vil\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\3vil\appdata\roaming\spotify\spotify.exe |
"TCP Query User{70D33BFC-EE49-46FD-8478-C0451799D000}D:\[ progz ]\[ media ]\[ v!deo ]\vlc-2.0.1\vlc.exe" = protocol=6 | dir=in | app=d:\[ progz ]\[ media ]\[ v!deo ]\vlc-2.0.1\vlc.exe |
"TCP Query User{C7F8D124-C86A-480F-9237-705262B94976}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{D58C14DC-5844-475D-B368-AF3DD0612984}E:\terraria-server\terrariaserver.exe" = protocol=6 | dir=in | app=e:\terraria-server\terrariaserver.exe |
"TCP Query User{EA6F84C1-5CE6-40DB-9F10-7EDF68C8504F}C:\program files (x86)\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"TCP Query User{EE007E03-A73C-446D-A844-3B754980F87C}E:\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\terraria\terrariaserver.exe |
"UDP Query User{25319088-F667-4895-98F1-24BCE72BD452}E:\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=e:\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{39A1C268-AC97-4B01-83C2-99D2ABCB4308}C:\users\3vil\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\3vil\appdata\roaming\spotify\spotify.exe |
"UDP Query User{BDB1948A-8B95-4DDD-82DD-9304AD59503C}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{C073A7F8-9118-4505-B491-D3972FE6233A}D:\[ progz ]\[ media ]\[ v!deo ]\vlc-2.0.1\vlc.exe" = protocol=17 | dir=in | app=d:\[ progz ]\[ media ]\[ v!deo ]\vlc-2.0.1\vlc.exe |
"UDP Query User{DA119BBB-64DB-4BB0-A7BE-043AA3F371BF}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{DF4E4A4E-91C0-4728-9F75-517C1BE2D07E}C:\program files (x86)\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"UDP Query User{EC83B62B-C625-4059-96F2-AB6CED941912}E:\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\terraria\terrariaserver.exe |
"UDP Query User{EE64FFE6-8791-4003-B9F4-6275940F9883}E:\terraria-server\terrariaserver.exe" = protocol=17 | dir=in | app=e:\terraria-server\terrariaserver.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{06DB2C4C-DC29-DA42-3B00-5581CBF545BB}" = AMD Drag and Drop Transcoding
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java(TM) 7 Update 3 (64-bit)
"{2D58E228-ACD8-0B8A-E1FF-D3F7020DA30F}" = AMD Media Foundation Decoders
"{3987279A-3504-2916-D063-741B910F0747}" = AMD Accelerated Video Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1" = DirectX 9.0c Extra Files (x86, x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{AA6F009F-0CCD-4DD6-A462-28419C101D54}" = HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CB500A52-1B84-CA65-BB07-D092FCE39E42}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{DDEBB7D6-671C-468D-98EB-EF9F1A1BC524}" = RT 7 Lite x64
"{E2C98732-F973-4985-A9C5-DC06178E16EE}" = Microsoft Mathematics-Add-In (64 Bit)
"{E4490157-303F-F06F-FB6E-D2053A43A182}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1" = DirectX for Managed Code
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Logitech Gaming Software" = Logitech Gaming Software 8.20
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.32
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{05B2AAA8-F30A-163D-76E4-9E618DBDAFB1}" = Catalyst Control Center InstallProxy
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{235211CA-D0E3-4EC8-95D4-C024CE37537C}" = WISO Mein Geld 2012 Professional
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{25D1F70B-0B90-495C-8ADC-4FF0855EF92E}" = Adobe Shockwave Player 11.6
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3BB4634D-CEE5-7AB0-D78D-EA263389A8AB}" = Catalyst Control Center
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F64A46D-67F7-4497-AEA2-313D4305A5F6}" = Torchlight
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74E9DD22-03B1-DE37-C677-4796ACECE6A7}" = CCC Help German
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DC11D9A-6DCD-4064-8363-63914A0122AB}" = C4500
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2F036FE-A916-4EBB-8621-5403444940D3}_is1" = Tiggit
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C41E46F9-0F37-8379-E792-B323021FA4BB}" = Catalyst Control Center Localization All
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CF408B76-8698-4298-B549-5E6A94931B64}" = PS_AIO_04_C4500_Software_Min
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 GOLD
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E12ABE6F-830C-AE8F-29EA-76FEC5F2D376}" = Catalyst Control Center Graphics Previews Common
"{E3749996-2D35-4591-B06A-4F62F2A5E18E}" = Nero Kwik Media
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FAF448F1-4460-440C-9280-07F66A63D6F5}" = Nero Kwik Media
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Cain & Abel v4.9.43" = Cain & Abel v4.9.43
"Cinergy HT PCI MKII" = Cinergy HT PCI MKII V3.01.01.27
"DAEMON Tools Lite" = DAEMON Tools Lite
"FileZilla Client" = FileZilla Client 3.5.3
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.6.0 (Full)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.50
"NCLauncher_GameForge" = NC Launcher (GameForge)
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"Password Safe" = Password Safe
"Picasa 3" = Picasa 3
"Steam App 105600" = Terraria
"Steam App 209830" = Lone Survivor
"Steam App 220" = Half-Life 2
"Steam App 26800" = Braid
"Steam App 31410" = Zombie Driver
"Steam App 40800" = Super Meat Boy
"Steam App 40810" = Super Meat Boy Editor
"Steam App 48000" = LIMBO
"Steam App 55230" = Saints Row: The Third
"Steam App 620" = Portal 2
"Steam App 644" = Portal 2 Publishing Tool
"TeamViewer 7" = TeamViewer 7
"Trillian" = Trillian
"Winamp" = Winamp
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.8.0 (32-bit)
"WISO Mein Geld 2012 Professional" = WISO Mein Geld 2012 Professional
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"RT 7 Lite x64" = RT 7 Lite (64-Bit)
"Spotify" = Spotify
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 18.07.2012 13:36:58 | Computer Name = Mainterminal | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: thunderbird.exe, Version: 14.0.0.4577,
Zeitstempel: 0x5000a8e8 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00bc000a ID des fehlerhaften
Prozesses: 0x788 Startzeit der fehlerhaften Anwendung: 0x01cd650bee94a0c4 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 2c5b2c4e-d0ff-11e1-bf80-0016e6ddea30
Error - 18.07.2012 13:37:49 | Computer Name = Mainterminal | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: thunderbird.exe, Version: 14.0.0.4577,
Zeitstempel: 0x5000a8e8 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0788000a ID des fehlerhaften
Prozesses: 0x1358 Startzeit der fehlerhaften Anwendung: 0x01cd650c09f033d0 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 4a5c1fb6-d0ff-11e1-bf80-0016e6ddea30
Error - 18.07.2012 13:38:14 | Computer Name = Mainterminal | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: thunderbird.exe, Version: 14.0.0.4577,
Zeitstempel: 0x5000a8e8 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0642000a ID des fehlerhaften
Prozesses: 0xe24 Startzeit der fehlerhaften Anwendung: 0x01cd650c1afc9e48 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 595029a3-d0ff-11e1-bf80-0016e6ddea30
Error - 18.07.2012 13:38:34 | Computer Name = Mainterminal | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: thunderbird.exe, Version: 14.0.0.4577,
Zeitstempel: 0x5000a8e8 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x053e000a ID des fehlerhaften
Prozesses: 0xd78 Startzeit der fehlerhaften Anwendung: 0x01cd650c2546e4ca Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 654a2247-d0ff-11e1-bf80-0016e6ddea30
Error - 18.07.2012 13:38:39 | Computer Name = Mainterminal | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: thunderbird.exe, Version: 14.0.0.4577,
Zeitstempel: 0x5000a8e8 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x06af000a ID des fehlerhaften
Prozesses: 0x760 Startzeit der fehlerhaften Anwendung: 0x01cd650c29875d8a Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 685327e8-d0ff-11e1-bf80-0016e6ddea30
Error - 18.07.2012 13:38:44 | Computer Name = Mainterminal | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: thunderbird.exe, Version: 14.0.0.4577,
Zeitstempel: 0x5000a8e8 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x065d000a ID des fehlerhaften
Prozesses: 0x844 Startzeit der fehlerhaften Anwendung: 0x01cd650c2cc09ba0 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 6b5c7baa-d0ff-11e1-bf80-0016e6ddea30
Error - 18.07.2012 13:42:51 | Computer Name = Mainterminal | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: thunderbird.exe, Version: 14.0.0.4577,
Zeitstempel: 0x5000a8e8 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x069f000a ID des fehlerhaften
Prozesses: 0x1214 Startzeit der fehlerhaften Anwendung: 0x01cd650cbe8add4f Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: fe83aa34-d0ff-11e1-bf80-0016e6ddea30
Error - 18.07.2012 13:43:09 | Computer Name = Mainterminal | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 14.0.1.4577,
Zeitstempel: 0x5000b729 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00c6000a ID des fehlerhaften
Prozesses: 0x858 Startzeit der fehlerhaften Anwendung: 0x01cd650ccaab2dd5 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 099b9aec-d100-11e1-bf80-0016e6ddea30
Error - 18.07.2012 13:49:37 | Computer Name = Mainterminal | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: thunderbird.exe, Version: 14.0.0.4577,
Zeitstempel: 0x5000a8e8 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0828000a ID des fehlerhaften
Prozesses: 0xda4 Startzeit der fehlerhaften Anwendung: 0x01cd650dafd66dbb Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: f0783c54-d100-11e1-bf80-0016e6ddea30
Error - 18.07.2012 13:54:42 | Computer Name = Mainterminal | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: thunderbird.exe, Version: 14.0.0.4577,
Zeitstempel: 0x5000a8e8 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc000041d Fehleroffset: 0x74e74d62 ID des fehlerhaften
Prozesses: 0x1458 Startzeit der fehlerhaften Anwendung: 0x01cd650e65d6c088 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: a6594f1c-d101-11e1-ae0f-0016e6ddea30
[ System Events ]
Error - 16.07.2012 03:47:00 | Computer Name = Mainterminal | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.07.2012 03:47:01 | Computer Name = Mainterminal | Source = DCOM | ID = 10005
Description =
Error - 16.07.2012 03:47:01 | Computer Name = Mainterminal | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.07.2012 03:47:02 | Computer Name = Mainterminal | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.07.2012 03:47:02 | Computer Name = Mainterminal | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.07.2012 03:47:02 | Computer Name = Mainterminal | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.07.2012 03:47:02 | Computer Name = Mainterminal | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.07.2012 03:47:02 | Computer Name = Mainterminal | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.07.2012 03:48:39 | Computer Name = Mainterminal | Source = Service Control Manager | ID = 7001
Description = Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 18.07.2012 12:51:57 | Computer Name = Mainterminal | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?18.?07.?2012 um 16:46:00 unerwartet heruntergefahren.
< End of report > |