Kimura9000 | 04.09.2012 21:29 | Ukash Bundespolizei Trojaner 100 Euro Hallo liebe Helfer,
Problem: Topic
OTL Logs: OTL.Txt: Code:
OTL logfile created on: 04.09.2012 22:02:24 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\*****\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,87 Gb Total Physical Memory | 3,36 Gb Available Physical Memory | 86,93% Memory free
7,73 Gb Paging File | 7,22 Gb Available in Paging File | 93,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,66 Gb Total Space | 308,43 Gb Free Space | 68,14% Space Free | Partition Type: NTFS
Drive E: | 470,05 Mb Total Space | 465,55 Mb Free Space | 99,04% Space Free | Partition Type: FAT32
Computer Name: ***** | User Name: **** | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Julia\Desktop\OTL.exe (OldTimer Tools)
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - (WebOptimizer) -- C:\Windows\SysNative\dmwu.exe ()
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (Web Assistant Updater) -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (mfevtp) -- C:\Programme\Common Files\mcafee\systemcore\mfevtps.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (BazisPortableCDBus) -- C:\Windows\SysNative\drivers\BazisPortableCDBus.sys (SysProgs.org)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV - ({B154377D-700F-42cc-9474-23858FBDF4BD}) -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl (CyberLink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (sfhlp01) -- C:\Windows\SysWOW64\drivers\sfhlp01.sys (Protection Technology)
DRV - (prohlp02) -- C:\Windows\SysWOW64\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\Windows\SysWOW64\drivers\prodrv06.sys (Protection Technology)
DRV - (prosync1) -- C:\Windows\SysWOW64\drivers\prosync1.sys (Protection Technology)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5742g&r=273604119145l0414z145v4732200o
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5742g&r=273604119145l0414z145v4732200o
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5742g&r=273604119145l0414z145v4732200o
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5742g&r=273604119145l0414z145v4732200o
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Julia\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5742g&r=273604119145l0414z145v4732200o
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ecosia.org/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {2847D8C6-1E97-45A1-B333-09401D1511F4}
IE - HKCU\..\SearchScopes\{2847D8C6-1E97-45A1-B333-09401D1511F4}: "URL" = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE426
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb155/?search={searchTerms}&loc=IB_DS&a=6OyG6tS0Tj&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb155?a=6OyG6tS0Tj&i=26"
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb155/?loc=IB_DS&a=6OyG6tS0Tj&&i=26&search="
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.09.03 21:48:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.08.28 11:39:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.09.03 21:48:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.07.21 14:59:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.07.21 13:48:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julia\AppData\Roaming\mozilla\Extensions
[2012.06.26 10:39:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\g8bwcw35.default\extensions
[2012.06.26 10:39:36 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\g8bwcw35.default\extensions\ffxtlbr@incredibar.com
[2012.06.26 10:39:11 | 000,002,203 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\g8bwcw35.default\searchplugins\MyStart Search.xml
[2012.04.26 11:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.11.08 00:45:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.08.28 11:39:56 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2012.09.03 21:48:18 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2011.07.08 09:31:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.com/
CHR - Extension: No name found = C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.131.2_0\
CHR - Extension: No name found = C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7280_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho64.dll ()
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20110512110006.dll (McAfee, Inc.)
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110721145956.dll (McAfee, Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [QuteCom] C:\Program Files (x86)\QuteCom\QuteCom.exe -b File not found
O4 - HKCU..\Run: [WcsPlugInService] C:\Users\Julia\AppData\Local\Microsoft\Windows\4037\WcsPlugInService.exe ()
O4 - Startup: C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D617AA91-BEE8-4504-A19A-B5F7D2CEF242}: DhcpNameServer = 192.168.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBE8EDFF-40B4-4F01-B66D-8CE039DB5E4E}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{05e97c78-764a-11e0-a3ea-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{05e97c78-764a-11e0-a3ea-88ae1d9e405d}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{05e97c8b-764a-11e0-a3ea-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{05e97c8b-764a-11e0-a3ea-88ae1d9e405d}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{451f2d78-a62e-11e0-9ba4-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{451f2d78-a62e-11e0-9ba4-88ae1d9e405d}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{451f2eaf-a62e-11e0-9ba4-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{451f2eaf-a62e-11e0-9ba4-88ae1d9e405d}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{47e25c7c-d3b1-11e0-9ae7-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{47e25c7c-d3b1-11e0-9ae7-88ae1d9e405d}\Shell\AutoRun\command - "" = F:\autorun_setup.bat
O33 - MountPoints2\{51a1de5b-b2a7-11e0-9b51-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{51a1de5b-b2a7-11e0-9b51-88ae1d9e405d}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{5ca59da2-da10-11e0-9c20-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{5ca59da2-da10-11e0-9c20-88ae1d9e405d}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{93801cf1-7704-11e0-a891-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{93801cf1-7704-11e0-a891-88ae1d9e405d}\Shell\AutoRun\command - "" = E:\autoplay\autoplay.exe
O33 - MountPoints2\{93801cfa-7704-11e0-a891-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{93801cfa-7704-11e0-a891-88ae1d9e405d}\Shell\AutoRun\command - "" = F:\autoplay\nop.exe
O33 - MountPoints2\{d4f321c9-bdc7-11e0-856a-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{d4f321c9-bdc7-11e0-856a-88ae1d9e405d}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{d653229d-77b1-11e0-9e0a-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{d653229d-77b1-11e0-9e0a-88ae1d9e405d}\Shell\AutoRun\command - "" = E:\autoplay\nop.exe
O33 - MountPoints2\{d653229e-77b1-11e0-9e0a-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{d653229e-77b1-11e0-9e0a-88ae1d9e405d}\Shell\AutoRun\command - "" = E:\autoplay\autoplay.exe
O33 - MountPoints2\{eeb597b5-fd61-11e0-99c0-88ae1d9e405d}\Shell - "" = AutoRun
O33 - MountPoints2\{eeb597b5-fd61-11e0-99c0-88ae1d9e405d}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.04 22:01:57 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Julia\Desktop\OTL.exe
[2012.09.04 21:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.09.04 17:02:42 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Roaming\hellomoto
[2012.09.03 21:48:21 | 000,035,328 | ---- | C] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2012.09.03 21:48:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ARFC
[2012.09.03 21:48:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WNLT
[2012.08.28 16:46:08 | 000,000,000 | ---D | C] -- C:\Users\Julia\Desktop\bilder
[2012.08.26 14:37:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xploder
[2012.08.26 14:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.08.20 12:27:01 | 000,000,000 | R--D | C] -- C:\Users\Julia\Videos
[2012.08.20 11:54:49 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.20 11:54:49 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.20 11:54:46 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.20 11:54:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.20 11:54:44 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.20 11:54:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.20 11:54:44 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.20 11:54:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.20 11:54:43 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.20 11:54:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.20 11:54:42 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.20 11:54:40 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.20 11:54:39 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.15 20:31:18 | 000,000,000 | ---D | C] -- C:\Spiele
[2012.08.15 20:27:49 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.15 20:27:43 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.15 20:27:43 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.15 20:27:43 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.15 20:27:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 20:27:39 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 20:27:39 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 20:27:34 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.15 20:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScummVM
[2012.08.15 20:25:35 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Roaming\ScummVM
[2012.08.15 20:25:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScummVM
[2011.07.21 13:46:47 | 013,522,064 | ---- | C] (Mozilla) -- C:\Users\Julia\Firefox_Setup_5.0.1.exe
[2011.04.10 20:38:35 | 001,029,000 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Julia\SkypeSetup.exe
========== Files - Modified Within 30 Days ==========
[2012.09.04 22:05:16 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.04 22:05:16 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.04 22:05:16 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.04 22:05:16 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.04 22:05:16 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.04 21:38:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.04 21:38:42 | 3113,254,912 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.04 21:31:10 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Julia\Desktop\OTL.exe
[2012.09.04 21:25:55 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.04 21:25:55 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.04 21:18:33 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.04 21:11:33 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.04 15:36:23 | 000,043,241 | ---- | M] () -- C:\Users\Julia\Desktop\8051_9c1c.jpg
[2012.08.30 10:44:40 | 000,097,596 | ---- | M] () -- C:\Users\Julia\Desktop\studbesch_148150.pdf
[2012.08.26 14:37:17 | 000,002,047 | ---- | M] () -- C:\Users\Julia\Desktop\NDS Xploder.lnk
[2012.08.26 14:33:48 | 000,000,032 | ---- | M] () -- C:\Windows\CD_Start.INI
[2012.08.24 10:53:39 | 000,102,599 | ---- | M] () -- C:\Users\Julia\Desktop\rueckmeldeaufforderung_haupthoerer_WS2012.pdf
[2012.08.20 12:48:36 | 000,292,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.16 13:44:16 | 000,436,344 | ---- | M] () -- C:\Windows\SysNative\dmwu.exe
[2012.08.16 13:43:42 | 000,035,328 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2012.08.15 20:26:36 | 000,001,615 | ---- | M] () -- C:\Users\Julia\Desktop\Homebase.lnk
[2012.08.15 20:25:39 | 000,001,033 | ---- | M] () -- C:\Users\Julia\Desktop\ScummVM.lnk
========== Files Created - No Company Name ==========
[2012.09.04 15:38:41 | 000,043,241 | ---- | C] () -- C:\Users\Julia\Desktop\8051_9c1c.jpg
[2012.09.03 21:48:21 | 000,436,344 | ---- | C] () -- C:\Windows\SysNative\dmwu.exe
[2012.08.30 10:44:39 | 000,097,596 | ---- | C] () -- C:\Users\Julia\Desktop\studbesch_148150.pdf
[2012.08.26 14:37:17 | 000,002,047 | ---- | C] () -- C:\Users\Julia\Desktop\NDS Xploder.lnk
[2012.08.26 14:33:48 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2012.08.24 10:53:39 | 000,102,599 | ---- | C] () -- C:\Users\Julia\Desktop\rueckmeldeaufforderung_haupthoerer_WS2012.pdf
[2012.08.15 20:43:09 | 000,001,033 | ---- | C] () -- C:\Users\Julia\Desktop\ScummVM.lnk
[2012.08.15 20:26:36 | 000,001,615 | ---- | C] () -- C:\Users\Julia\Desktop\Homebase.lnk
[2012.06.10 20:49:29 | 000,040,070 | ---- | C] () -- C:\Users\Julia\150765_413808741984570_290487521_n.jpg
[2012.05.23 11:22:17 | 000,216,759 | ---- | C] () -- C:\Users\Julia\Sparkasse Dortmund (2).mht
[2012.03.22 13:58:28 | 000,001,470 | ---- | C] () -- C:\Users\Julia\.recently-used.xbel
[2012.02.21 00:29:14 | 000,015,580 | ---- | C] () -- C:\Users\Julia\AppData\Roaming\ekiga.conf
[2012.02.05 17:33:13 | 003,954,357 | ---- | C] () -- C:\Users\Julia\DSC09531.JPG
[2012.01.20 10:44:10 | 000,080,312 | ---- | C] () -- C:\Users\Julia\2012-01-17_10.47.01.jpg
[2011.10.23 15:29:16 | 000,000,987 | ---- | C] () -- C:\Users\Julia\Origin.lnk
[2011.09.30 12:10:00 | 000,000,000 | ---- | C] () -- C:\Users\Julia\AppData\Local\{AB686B56-EC00-4B6D-94D6-11C02CD15E22}
[2011.09.22 17:30:19 | 000,212,564 | ---- | C] () -- C:\Users\Julia\Julia.jpg
[2011.08.17 12:52:49 | 000,209,087 | ---- | C] () -- C:\Users\Julia\Sparkasse Dortmund.mht
[2011.08.05 18:07:58 | 000,364,430 | ---- | C] () -- C:\Users\Julia\Semesterticket_NRW_VRR.pdf
[2011.06.17 16:23:34 | 000,000,000 | ---- | C] () -- C:\Users\Julia\AppData\Local\{5F24C6CB-E67A-4CFF-B3E7-96C4B67C2BAE}
[2011.06.14 16:39:04 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.05.09 12:00:26 | 000,287,024 | ---- | C] () -- C:\Users\Julia\SoftonicDownloader_fuer_atube-catcher.exe
[2011.05.04 14:32:13 | 000,001,151 | ---- | C] () -- C:\Users\Julia\EA Download Manager.lnk
[2011.04.13 14:22:23 | 000,003,584 | ---- | C] () -- C:\Users\Julia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.10 20:42:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.10 20:42:16 | 000,002,263 | ---- | C] () -- C:\Users\Julia\Google Chrome.lnk
[2010.07.13 13:45:37 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:4D066AD2
< End of report > Extras.Txt: Code:
OTL Extras logfile created on: 04.09.2012 22:02:24 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,87 Gb Total Physical Memory | 3,36 Gb Available Physical Memory | 86,93% Memory free
7,73 Gb Paging File | 7,22 Gb Available in Paging File | 93,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,66 Gb Total Space | 308,43 Gb Free Space | 68,14% Space Free | Partition Type: NTFS
Drive E: | 470,05 Mb Total Space | 465,55 Mb Free Space | 99,04% Space Free | Partition Type: FAT32
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02258917-C1FA-4CA7-999E-06D221A0FB50}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A2BE576-EC7F-4517-90CD-10BB55424930}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{19A9F45E-E8AD-4806-BBF9-6F68DBE53297}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{20EEB3C9-2123-444E-B1F8-C55CAEFD88D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{21A76535-23AE-440A-8790-3F0E44888B30}" = lport=445 | protocol=6 | dir=in | app=system |
"{2C1821B2-3FDF-40CF-B59A-388073FDD1A8}" = rport=137 | protocol=17 | dir=out | app=system |
"{36B94814-C7E2-4EB3-9D85-794AA030F0B9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3F11D07D-F4A1-4B4B-ABF4-F14A3C1FFA1F}" = lport=137 | protocol=17 | dir=in | app=system |
"{48A643E8-FAF5-4099-A9A7-93E1693EE586}" = lport=2869 | protocol=6 | dir=in | app=system |
"{54307798-4553-48A0-981C-9AC05E4239AA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6AF9F38E-14EF-4F22-8AB2-0155EAA777AC}" = rport=139 | protocol=6 | dir=out | app=system |
"{75188A12-1C14-40FA-89FE-13B9C754946E}" = rport=445 | protocol=6 | dir=out | app=system |
"{76F141D2-18A9-4F3C-9C6A-8E4F5AD69FB6}" = lport=139 | protocol=6 | dir=in | app=system |
"{9E9CE656-0ADA-43DC-A604-5257AD14B317}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9FEC0520-CBA4-49ED-A369-5B5D3A3CE717}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A0E48906-28B8-4DC3-8531-5F3C8988F84B}" = rport=138 | protocol=17 | dir=out | app=system |
"{A63F463E-EA79-4D73-9DF1-BC04FE6F5E43}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AAACCD08-B47A-4935-9631-4E82A8458527}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BD74BF4A-491F-4B56-8C64-B0DCCB12924A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CF664259-FB80-4ACD-A51F-7FE86CE8DE5E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E05573C3-F13E-45DE-BC11-091C058672F1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EC2CD8E0-588B-4EB0-8DF5-9C94A36FC2C9}" = lport=138 | protocol=17 | dir=in | app=system |
"{FF37D9E9-13CC-4791-B728-B1850C295FFD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E80251-ACAD-4DE2-BA50-FBB7549DCFEB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0FB9BD94-48FB-4EAD-9CF1-4823557575CC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{21C22F2F-F88E-4D5D-97F5-29F817C46395}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{33082251-2C8A-4725-BEA1-082B0B6F60F5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{40C923BE-450C-4946-B3AC-A3EF902F8F43}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{51EF478C-08D2-4B58-BC77-BF9159AEBD7D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5A96665A-8397-42A2-8E44-DA1890EDC637}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{64887344-4665-44EB-9E56-9DF02D135A16}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{6A7AC2C7-DC13-4582-A043-BE7747DA3593}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{6A7FDC20-8DBD-416B-8FA3-0E5965DE2931}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6EA4F5DE-408C-48D1-BCAA-BAFF6FADBFF9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7A181A72-567C-4F3E-8A5B-D76258A2039B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8367B82F-B0B1-4CFE-B9FB-07A084AB5D78}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{8CF73035-7A44-4422-80AC-651D17123AB0}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{8E7FA3D6-B5F7-4EC2-942B-4896795A4349}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{96AD9667-FC38-42BA-8067-C2307BE5CF6D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{98624E50-2489-4D79-BDB3-A9E8D0D45A6B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9EFE757F-7A85-4B10-A9AD-81DDDE8330AC}" = protocol=6 | dir=out | app=system |
"{A4E59351-14CE-41D5-B212-EBC5E8C48E14}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B12294A1-E4E6-4348-8E4F-16611F67EB04}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{B3567642-7156-4393-A089-170BE3124481}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{B428BA08-9039-4C4F-8807-A7AC037F084D}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{BB7C5A84-A69B-4717-93A1-9390B859FD7B}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{BEDFFE72-1E56-40CC-8055-F2A31C01CF74}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D06374DB-06AB-47A6-BA29-656DB71367FD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E36C1D0B-CA4D-403E-8120-384319904DC4}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{E775120C-25AA-4063-B322-F6EB907A6A27}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E7B57D5F-6334-4E5B-AFC7-55F87350B3B7}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{EA0D7B69-90E8-4D51-B2A3-EBD652E5E0BD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F23012EC-448B-4568-A523-0A8306D219BC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F831512F-9A08-4E5D-8C12-24B020AACA0C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{FBFC9279-9827-4D92-9231-23A5BFBF0829}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.478
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{3DF2B8CD-072D-49F5-BCF8-1DB86B0DF632}" = HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WNLT" = Web Optimizer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0D00CD3F-AEDC-45F1-A2DD-DADF74407D7B}_is1" = Edna Bricht Aus 6.3
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = Die Sims™ 3 Showtime
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51F026FA-5146-4232-A8BA-1364740BD053}" = Acer Crystal Eye webcam
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{58D4AE57-ACDE-4A07-9BBD-34B15D54526C}" = Playboy - The Mansion
"{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 3.7
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{8983409B-E79D-4712-ABDC-665052FF625B}" = Everlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9833B6C4-74F3-4F2C-B74A-9F3538E092CA}" = RUNAWAY - A road adventure
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5101403-2C42-40E0-8D9E-5E49E7C3B89E}" = Tycoon City - New York
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E34E9B33-46EC-4252-A52F-DDA3978CC0AF}" = Syberia
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Hilfe
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"1489-3350-5074-6281" = JDownloader 0.9
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Activision_THPS2UninstallKey" = Tony Hawk's Pro Skater 2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Deponia" = Deponia
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"DSXploder" = NDS Xploder Cheat System
"Foxit Reader_is1" = Foxit Reader 5.0
"Geheime Fälle: Die gestohlene Venus" = Geheime Fälle: Die gestohlene Venus
"Google Chrome" = Google Chrome
"GTK2-Runtime" = GTK2-Runtime
"Harvey" = Harveys Neue Augen
"HP Photo Creations" = HP Photo Creations
"Identity Card" = Identity Card
"ImgBurn" = ImgBurn
"incredibar" = Incredibar Toolbar on IE and Chrome
"InfraRecorder" = InfraRecorder
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"Mata Hari_is1" = Mata Hari
"Mozilla Firefox 5.0.1 (x86 de)" = Mozilla Firefox 5.0.1 (x86 de)
"MSC" = McAfee Internet Security Suite
"Origin" = Origin
"Pflanzen gegen Zombies" = Pflanzen gegen Zombies
"Pidgin" = Pidgin
"S2TNG" = Die Siedler II - Die nächste Generation
"ScummVM_is1" = ScummVM 1.5.0
"So Blonde" = So Blonde
"VLC media player" = VLC media player 1.1.9
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.05.2012 04:50:49 | Computer Name = Julia-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
in Zeile 2. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
Error - 11.05.2012 04:52:54 | Computer Name = Julia-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 11.05.2012 04:56:34 | Computer Name = Julia-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 16.05.2012 04:40:14 | Computer Name = Julia-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1078 Startzeit: 01cd3337b612c36b Endzeit: 16 Anwendungspfad:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Berichts-ID: b9a71cb8-9f32-11e1-b31f-88ae1d9e405d
Error - 11.06.2012 13:05:21 | Computer Name = Julia-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
in Zeile 2. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
Error - 11.06.2012 13:07:36 | Computer Name = Julia-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 11.06.2012 13:12:08 | Computer Name = Julia-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 14.06.2012 08:22:01 | Computer Name = Julia-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 77c Startzeit: 01cd4a282664aeca Endzeit: 94 Anwendungspfad:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Berichts-ID:
Error - 20.06.2012 07:21:01 | Computer Name = Julia-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
in Zeile 2. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
Error - 20.06.2012 07:24:47 | Computer Name = Julia-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 20.06.2012 07:30:14 | Computer Name = Julia-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
[ System Events ]
Error - 05.02.2012 13:55:52 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06 prohlp02 prosync1 sfhlp01
Error - 06.02.2012 05:22:00 | Computer Name = Julia-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?02.?2012 um 22:49:41 unerwartet heruntergefahren.
Error - 06.02.2012 05:21:53 | Computer Name = Julia-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 06.02.2012 05:22:41 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06 prohlp02 prosync1 sfhlp01
Error - 06.02.2012 11:06:32 | Computer Name = Julia-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 06.02.2012 11:06:39 | Computer Name = Julia-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?06.?02.?2012 um 11:45:53 unerwartet heruntergefahren.
Error - 06.02.2012 11:07:05 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06 prohlp02 prosync1 sfhlp01
Error - 08.02.2012 12:29:14 | Computer Name = Julia-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?07.?02.?2012 um 18:48:32 unerwartet heruntergefahren.
Error - 08.02.2012 12:29:08 | Computer Name = Julia-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 08.02.2012 12:30:12 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06 prohlp02 prosync1 sfhlp01
< End of report >
Für jedwede Hilfe vielen herzlichen (!!!) Dank im Voraus ! |