Wie bepsorchen hier die neusten OTL logs zwecks check
OTL Logfile: Code:
OTL logfile created on: 24.10.2012 20:01:28 - Run 5
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Users\Thomas\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,75 Gb Total Physical Memory | 0,71 Gb Available Physical Memory | 40,75% Memory free
3,49 Gb Paging File | 1,73 Gb Available in Paging File | 49,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 145,62 Gb Free Space | 62,53% Space Free | Partition Type: NTFS
Computer Name: THOMAS-LAPTOP | User Name: Thomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.10.02 15:31:52 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe
PRC - [2012.09.03 09:13:08 | 000,188,760 | ---- | M] () -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe
PRC - [2012.08.29 16:17:06 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012.08.29 15:45:24 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.01.04 01:29:06 | 000,165,088 | ---- | M] (Fieldston Software) -- C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
PRC - [2011.06.27 08:27:58 | 000,220,552 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2010.10.11 12:07:02 | 002,271,600 | ---- | M] (creativbox.net, Torsten Leithold & Georg von Kries GbR) -- C:\Program Files (x86)\creativbox.net\SimpleSYN 2.1\CBN.SimpleSYN.NET.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.16 18:02:48 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\b345f2895557e6ef39b94aebdeb4a57e\System.WorkflowServices.ni.dll
MOD - [2012.06.15 17:21:57 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\84fbf353f91385690a3e4e982aa6930e\System.Web.ni.dll
MOD - [2012.06.15 17:20:30 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012.06.15 17:20:13 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012.05.09 17:26:08 | 000,624,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Net\cd8ad97063680071342f13d12376fd17\System.Net.ni.dll
MOD - [2012.05.09 17:25:18 | 001,705,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\b744ac6047519b7b186db4d77a78ca0c\System.ServiceModel.Web.ni.dll
MOD - [2012.05.09 17:15:46 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\f93d41cf41160cc660aea5eb8be181d6\System.IdentityModel.Selectors.ni.dll
MOD - [2012.05.09 17:15:44 | 001,072,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\f77eb3dd20db5f2277636d4e700a2a2a\System.IdentityModel.ni.dll
MOD - [2012.05.09 17:15:41 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3848d7865bda88a9e94e03480b5ada2f\System.Runtime.Serialization.ni.dll
MOD - [2012.05.09 17:15:36 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\26a852935ab27c328a148effb43a76bf\SMDiagnostics.ni.dll
MOD - [2012.05.09 17:15:32 | 017,400,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\7900b4e8c860d8b4a3c1f98047c3c1a3\System.ServiceModel.ni.dll
MOD - [2012.05.09 16:59:14 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 16:59:13 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\558fa6c6131f14af258f94291a5d19d6\System.EnterpriseServices.ni.dll
MOD - [2012.05.09 16:59:11 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\61fbbd8bc7d76972115b292b132ff2d1\System.Transactions.ni.dll
MOD - [2012.05.09 16:59:09 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\294d439cfe959b5528ca81d37d3d502f\System.Data.ni.dll
MOD - [2012.05.09 16:57:30 | 000,680,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\61af058c2bc079f28397a29ed145fbc7\System.Security.ni.dll
MOD - [2012.05.09 16:57:26 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012.05.09 16:57:20 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012.05.09 16:57:18 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012.05.09 16:57:08 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2012.01.04 01:29:04 | 001,850,880 | ---- | M] () -- C:\Program Files (x86)\Fieldston Software\gSyncit\gSyncit.core.dll
MOD - [2009.07.14 19:58:23 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2009.07.14 19:58:23 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_de_b77a5c561934e089\System.Runtime.Serialization.resources.dll
MOD - [2009.07.14 19:58:15 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Configuration.resources.dll
MOD - [2009.07.14 19:58:14 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_de_b77a5c561934e089\System.Data.resources.dll
MOD - [2009.07.14 19:58:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.06.10 23:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009.06.10 23:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.09.13 15:26:50 | 001,259,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (WebOptimizer)
SRV:64bit: - [2011.12.13 10:29:20 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.09.29 22:49:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.14 18:38:27 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 20:17:17 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.03 09:13:08 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2012.08.30 13:05:28 | 000,827,560 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2012.08.29 16:17:06 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.13 10:34:52 | 002,028,864 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.12.13 10:29:16 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.11.15 01:49:06 | 000,032,768 | ---- | M] (STRATO) [Auto | Running] -- C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive Service.exe -- (STRATO HiDrive Service)
SRV - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.06.24 15:24:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Programme\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.17 18:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 18:59:32 | 000,485,680 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.01.09 18:59:30 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2012.01.09 18:59:30 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011.07.28 12:27:17 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2011.05.18 10:14:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.05.18 10:14:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.05.18 10:14:16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.05.18 10:14:12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.05.18 10:09:48 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011.05.18 10:09:48 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011.05.07 17:51:32 | 000,454,232 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2011.05.02 19:37:01 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.08 01:22:22 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.09.30 00:51:14 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.09.30 00:51:14 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.09.29 22:13:38 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.06.17 05:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010.05.14 18:04:16 | 000,073,856 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010.05.14 18:04:16 | 000,028,800 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010.04.29 05:43:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.08 11:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2012.08.30 13:05:42 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011.12.12 16:11:50 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.07.28 12:27:17 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb139?a=6PQASKsh3i&i=26
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 6C C2 1B 76 2B CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6PQASKsh3i&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://forum.gamersvillage.de/"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.09.21 22:51:53 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012.10.02 16:54:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.09.21 22:51:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012.10.02 16:54:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.14 18:38:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.14 18:38:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.14 18:38:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.14 18:38:21 | 000,000,000 | ---D | M]
[2011.05.02 20:19:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions
[2012.10.23 20:17:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\elhy5yky.Thomas\extensions
[2011.12.25 23:06:03 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\elhy5yky.Thomas\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012.10.20 15:04:05 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\elhy5yky.Thomas\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.18 23:00:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\h0q3jeed.default\extensions
[2011.05.12 21:33:29 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\h0q3jeed.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.18 23:00:15 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\h0q3jeed.default\extensions\ffxtlbr@incredibar.com
[2012.07.25 22:57:08 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\elhy5yky.Thomas\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.08.24 22:50:17 | 000,028,993 | ---- | M] () (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\h0q3jeed.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi
[2011.05.27 16:49:09 | 000,002,057 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\h0q3jeed.default\searchplugins\youtube-videosuche.xml
[2012.10.14 18:38:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.14 18:38:27 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.10 17:45:09 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.05.13 18:58:48 | 002,418,176 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFp530.dll
[2012.06.23 15:04:21 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.12 17:46:02 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.23 15:04:21 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.23 15:04:21 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.23 15:04:21 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.23 15:04:21 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll ()
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [gSyncit] C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe (Fieldston Software)
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet File not found
O4 - HKCU..\Run: [ShowBatteryBar] C:\Program Files\BatteryBar\ShowBatteryBar.exe ()
O4 - HKCU..\Run: [SimpleSYN.NET] C:\Program Files (x86)\creativbox.net\SimpleSYN 2.1\CBN.SimpleSYN.NET.exe (creativbox.net, Torsten Leithold & Georg von Kries GbR)
O4 - Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk = C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive.exe (STRATO)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18142464-BC57-41A3-B2F8-11930A39B49D}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.10.16 17:11:33 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\OTLPE
[2012.10.16 17:03:38 | 000,000,000 | ---D | C] -- C:\eeepcfr
[2012.10.16 17:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.10.16 17:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2012.10.16 17:02:41 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\aaaaaaaaaaaa
[2012.10.14 18:38:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.14 11:09:13 | 000,000,000 | --SD | C] -- C:\Users\Thomas\Google Drive
[2012.10.14 11:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012.10.14 10:25:37 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\handy
[2012.10.10 14:57:08 | 005,505,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 14:57:07 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 14:57:07 | 003,902,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 14:56:27 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 14:56:26 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 14:56:26 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 14:56:26 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 14:56:25 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 14:56:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 14:56:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 14:56:24 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 14:56:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 14:56:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 14:56:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 14:56:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 14:56:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 14:56:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 14:56:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 14:56:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 14:56:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 14:56:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 14:56:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 14:56:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 14:56:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 14:56:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 14:56:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 14:56:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 14:56:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 14:56:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 14:56:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 14:56:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 14:56:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 14:56:21 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 14:56:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 14:56:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 14:56:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 14:56:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 14:56:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 14:56:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 14:56:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.10 14:55:41 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 14:54:58 | 001,462,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 14:54:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.02 20:42:39 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\Bewerbung
[2012.10.02 16:58:04 | 000,011,864 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl2.sys
[2012.10.02 16:58:02 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2012.10.02 16:57:55 | 000,485,680 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.10.02 16:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012.10.02 16:55:31 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.10.02 16:54:26 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Documents\ForceField Shared Files
[2012.10.02 16:54:26 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\CheckPoint
[2012.10.02 16:54:00 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2012.10.02 16:33:48 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\Malwarebytes
[2012.10.02 16:33:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.02 16:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.02 16:33:31 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.02 16:33:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.02 16:16:19 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\logs
[2012.10.02 15:31:31 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe
[2012.10.02 15:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2012.10.02 15:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2012.10.02 14:28:30 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Thomas\Desktop\HiJackThis204.exe
[2011.05.14 09:23:01 | 005,816,688 | ---- | C] (creativbox.net - Internet Lösungen) -- C:\Users\Thomas\SimpleSYN_21_de_DE_x86.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.10.24 19:33:57 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.24 19:33:57 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.24 19:33:57 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.24 19:33:57 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.24 19:33:57 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.24 19:31:27 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.24 19:18:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.24 16:03:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.24 14:31:10 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.24 14:20:41 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.24 14:20:41 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.24 14:10:57 | 1405,276,160 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.21 18:28:10 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.21 16:59:01 | 000,302,592 | ---- | M] () -- C:\Users\Thomas\Desktop\opppn0d6.exe
[2012.10.19 17:05:50 | 000,294,921 | ---- | M] () -- C:\Users\Thomas\Desktop\2012_Spieleabend.pdf
[2012.10.16 16:21:41 | 000,515,892 | ---- | M] () -- C:\eeepcfr.zip
[2012.10.15 18:16:49 | 000,180,104 | ---- | M] () -- C:\Users\Thomas\Desktop\Merkhilfe.pdf
[2012.10.14 11:09:15 | 000,001,719 | ---- | M] () -- C:\Users\Thomas\Desktop\Google Drive.lnk
[2012.10.09 20:17:12 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.09 20:17:12 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.02 17:04:14 | 000,415,877 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2012.10.02 16:56:52 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012.10.02 16:16:25 | 000,070,057 | ---- | M] () -- C:\Users\Thomas\Desktop\logs.zip
[2012.10.02 15:54:44 | 000,000,000 | ---- | M] () -- C:\Users\Thomas\defogger_reenable
[2012.10.02 15:31:52 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe
[2012.10.02 15:31:21 | 000,050,477 | ---- | M] () -- C:\Users\Thomas\Desktop\Defogger.exe
[2012.10.02 14:22:19 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Thomas\Desktop\HiJackThis204.exe
[2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.25 13:40:50 | 000,352,514 | ---- | M] () -- C:\Users\Thomas\Desktop\scan038.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.10.21 16:58:45 | 000,302,592 | ---- | C] () -- C:\Users\Thomas\Desktop\opppn0d6.exe
[2012.10.19 17:05:46 | 000,294,921 | ---- | C] () -- C:\Users\Thomas\Desktop\2012_Spieleabend.pdf
[2012.10.16 16:25:28 | 000,515,892 | ---- | C] () -- C:\eeepcfr.zip
[2012.10.15 18:16:34 | 000,180,104 | ---- | C] () -- C:\Users\Thomas\Desktop\Merkhilfe.pdf
[2012.10.14 11:09:15 | 000,001,719 | ---- | C] () -- C:\Users\Thomas\Desktop\Google Drive.lnk
[2012.10.02 16:58:11 | 000,415,877 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2012.10.02 16:56:52 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012.10.02 16:33:34 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.02 16:16:25 | 000,070,057 | ---- | C] () -- C:\Users\Thomas\Desktop\logs.zip
[2012.10.02 15:54:44 | 000,000,000 | ---- | C] () -- C:\Users\Thomas\defogger_reenable
[2012.10.02 15:31:14 | 000,050,477 | ---- | C] () -- C:\Users\Thomas\Desktop\Defogger.exe
[2012.09.25 13:43:29 | 000,352,514 | ---- | C] () -- C:\Users\Thomas\Desktop\scan038.pdf
[2012.09.17 16:42:58 | 000,002,839 | ---- | C] () -- C:\Users\Thomas\.recently-used.xbel
[2012.04.19 20:56:30 | 007,215,042 | ---- | C] () -- C:\Users\Thomas\Peter Lustig Das Loblied der Latzhose.wma
[2011.12.04 12:28:52 | 000,577,536 | ---- | C] () -- C:\Windows\SysWow64\ChilkatCsv.dll
[2011.09.30 22:21:46 | 000,074,334 | ---- | C] () -- C:\Users\Thomas\me2.jpg
[2011.08.15 18:30:36 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.08.15 18:30:36 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.08.11 21:32:00 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.08.06 17:23:45 | 000,000,010 | ---- | C] () -- C:\Windows\WININIT.INI
[2011.05.22 13:12:41 | 000,003,584 | ---- | C] () -- C:\Users\Thomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.21 16:10:17 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2011.05.21 16:10:16 | 000,002,333 | ---- | C] () -- C:\Windows\unins000.dat
[2011.05.14 09:26:30 | 000,000,130 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.05.02 21:23:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.10.12 20:13:57 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\.purple
[2011.06.11 11:09:05 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\BatteryBar
[2012.10.02 16:54:26 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\CheckPoint
[2012.10.24 14:19:00 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Dropbox
[2012.10.20 15:04:35 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
[2011.08.26 17:42:13 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.08 20:22:26 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\elsterformular
[2011.12.28 15:17:46 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\EurekaLog
[2012.09.27 20:48:43 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\FileZilla
[2011.09.25 11:45:55 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Garmin
[2012.09.21 22:56:09 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\gsak
[2012.10.24 19:45:28 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\gSyncit
[2012.09.08 15:02:51 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\gtk-2.0
[2012.05.08 22:20:03 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\IrfanView
[2012.02.01 19:57:47 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Nokia Ovi Suite
[2011.05.27 18:44:30 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Notepad++
[2011.08.15 16:22:11 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\PC Suite
[2012.07.16 13:54:42 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\STRATO
[2012.02.01 21:29:00 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Synthesia
[2012.02.01 18:53:10 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\TuneUp Software
========== Purity Check ==========
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 24.10.2012 20:01:28 - Run 5
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Users\Thomas\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,75 Gb Total Physical Memory | 0,71 Gb Available Physical Memory | 40,75% Memory free
3,49 Gb Paging File | 1,73 Gb Available in Paging File | 49,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 145,62 Gb Free Space | 62,53% Space Free | Partition Type: NTFS
Computer Name: THOMAS-LAPTOP | User Name: Thomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Unable to open value key File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
http [open] -- Reg Error: Unable to open value key
https [open] -- Reg Error: Unable to open value key
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
http [open] -- Reg Error: Unable to open value key
https [open] -- Reg Error: Unable to open value key
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009F1993-D895-42EC-AE94-1438A33AB613}" = lport=139 | protocol=6 | dir=in | app=system |
"{01950809-75A8-456A-BD5D-6D9F96C8CFCD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{03CF7DC7-3BB8-4354-8F36-5E52A337DB4F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{152AF3D2-15E0-4A45-B3E9-70849B82DC2F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{18C45366-81AB-4FBA-A63F-73A44520EDA1}" = lport=445 | protocol=6 | dir=in | app=system |
"{203410EF-3D58-412A-AACC-AB832C637293}" = rport=138 | protocol=17 | dir=out | app=system |
"{2EFF417C-0944-4AF6-88EE-68C631013DD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4C16B16F-E8D1-4F40-B21B-C130FBAEF900}" = rport=139 | protocol=6 | dir=out | app=system |
"{53469E56-6A28-4D85-BA3C-E7482D2E045E}" = lport=137 | protocol=17 | dir=in | app=system |
"{5D2A7D8D-44D4-4CD9-92F1-3774B6364284}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5D78AD86-60C9-4DB2-B7C9-061A3980B002}" = rport=137 | protocol=17 | dir=out | app=system |
"{5E9D1BA1-EE52-495C-8CB0-A20FFB2C0B46}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{660CBF9F-D873-4AAB-87D6-2BB4DF748F3E}" = lport=138 | protocol=17 | dir=in | app=system |
"{7753DCC0-9F0C-4306-BFDE-44A55B4C1468}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7CF15ED0-1491-4433-B12E-7A8417A18B64}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{853EF285-EB9E-4B53-BCA9-A859725A2F93}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9112B149-2A87-4D63-AD92-75D137CEC526}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{95F2B770-E1C2-4C00-B44D-1B499427A558}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A195CEC6-52D9-4368-A835-D9F74BFE358C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B34C9AB4-F4B5-4CC3-8796-5A2BCF879BA1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C0CCE71E-AC5B-4CA5-8F8A-361385E40FB8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C4586BD9-F26A-4B2C-96B1-01BF0CBCE261}" = rport=445 | protocol=6 | dir=out | app=system |
"{C85F5EE1-DDE7-43D3-99A4-A26C9F19072F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CE666F4A-0E85-4A74-8807-D5E23788A9A9}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{D8611E18-0011-42DC-B01D-7489FCD4BFDD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F0C6EEEB-0D13-451B-BA3D-B6BA2192CF72}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F66806CC-7D81-4D32-BD50-A239F76F3C62}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{F7E92274-6EEA-418F-B860-24CB2B56C488}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FD4E9F9C-A811-4B31-97C8-C1EEEC980BEE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FF1930A5-46B9-41DC-B5CF-541C690A1774}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{090A505C-1DC1-4080-A737-46B0AFA0E332}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{0959AB51-30D3-4C7C-A96A-363A5A4A595A}" = protocol=6 | dir=out | app=c:\program files (x86)\creativbox.net\simplesyn 2.1\cbn.simplesyn.net.exe |
"{102AC434-CA28-49A3-9D4C-8EE5BC6B55B0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{11DFB0D3-CF2A-4E7B-9775-1CD1ACF5CF8C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{16D952BC-6287-4CE5-A033-74B9A42D3CE9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1A160A7F-BDC5-4D3A-A848-DE540EB5A396}" = protocol=6 | dir=out | app=system |
"{1CF9584E-D25A-4644-9867-375EE9707069}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{2BA62F6F-009C-4FD7-8027-97AC6250DBD7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2D2761D1-02DA-4C3A-B1AF-C63ADF776112}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{35246083-F4C2-4228-858E-896F95B1DE8E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{370E117D-03D1-4241-9967-B710B934E760}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{39533DAB-B314-49DB-96E7-A1A0B6BC9B21}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{42D83C5A-13B2-43FF-8A3B-CAD62BC700A1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{43314D40-461A-44FA-8E2A-F9238B8C7816}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{4E1F1F1B-51D8-4555-AF55-C49A14ADA8FF}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{500074CD-FD47-4090-B8E8-EB6C4D750C12}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{513878AC-BBAB-4FE2-8312-BEDCC5E44694}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{57207465-3D2B-442C-818C-AAECAD3FB513}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{59CEDD5F-5803-4EF8-9C3F-D8E00FF78834}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6937002E-EAD1-46EE-99B2-08262C11B563}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{7AE0510D-AFFD-43A5-A4AA-49062E1815C0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7B7A981E-4AF3-4518-A645-CBDD27F5AFF6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7D06ED00-5C36-4912-8FC9-0C04CD212E71}" = protocol=17 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{7FF63159-6E44-4001-9465-475A0884779F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9052315F-5B7A-4C22-8E82-42666098558A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{93A6ACC7-4F63-40BE-A12A-8A71EEED6317}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{AAB1EACE-DA4D-4771-A074-53E2B6A56F22}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{BED41730-D5C6-4FE9-A010-181F2780E613}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C0763321-0DFA-44C0-A3E1-61D10B3C0DEE}" = protocol=6 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{CB82AD16-C6DC-40CD-8D47-6F1C904E4DF3}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{D53F1DD9-20E4-4551-8DB7-8775FD566F8B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9792390-47C3-4B8A-8497-499193E5DBD6}" = protocol=6 | dir=in | app=c:\program files (x86)\creativbox.net\simplesyn 2.1\cbn.simplesyn.net.exe |
"{DB22D2C4-58AD-482D-B418-531FFD905F45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DEE91FD1-88A3-4068-B200-3AF18C1D3C12}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{E53B5825-4288-4AA1-B834-775EBE5A6363}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E7EDD54A-1B7C-4991-9B98-88EF4AD0AED1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F5C2F14B-5F72-4D3E-831A-27444703F563}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{FA21EA6D-FC24-47D9-A28B-CC236DB497DB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{5957FF87-49EA-4661-BB20-7316C86F33B1}C:\program files (x86)\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe |
"TCP Query User{5BC8D985-4B80-4496-A217-3FD439955D85}C:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{92926689-3026-43D8-8605-8F57EE21E70A}C:\spiele\empire earth\empire earth.exe" = protocol=6 | dir=in | app=c:\spiele\empire earth\empire earth.exe |
"TCP Query User{CC1F267D-8684-4D88-915F-8EB9993448D2}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{E33F7FBA-8B73-4B38-A869-E8B4AE171D72}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{00541304-62EC-4DF3-A47E-E6C9865EB5AC}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{4A761A5C-4349-4C1E-8FBB-030B14DF6EDF}C:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{AC0960DE-FADA-4CE6-B07A-E4A1BFA5E915}C:\program files (x86)\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe |
"UDP Query User{C92B1C47-8E62-42CC-BF7E-34A142087E9B}C:\spiele\empire earth\empire earth.exe" = protocol=17 | dir=in | app=c:\spiele\empire earth\empire earth.exe |
"UDP Query User{D21CC1F6-B4B6-4AF1-BCB9-7D525D224A29}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{091A0130-A82F-4A6D-9C61-3BBBB3289030}" = RtVOsd
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{28FA742C-DC52-9804-7116-E198E0AEFAE4}" = ATI Catalyst Install Manager
"{2D7B64F7-E9A3-C49B-9CEA-C4FE05F887E9}" = ccc-utility64
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.485
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"BatteryBar" = BatteryBar (remove only)
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Canon SELPHY CP760" = Canon SELPHY CP760
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WNLT" = Web Optimizer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{078BE4C5-D0AA-5AD1-6195-D4E9FB7CA8F7}" = CCC Help Greek
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19D87B80-626A-B57F-37F2-30329A5FA056}" = CCC Help Korean
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21C887C2-008E-0610-96F8-74AB3AF22784}" = CCC Help Chinese Standard
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{28639B03-FEF0-06B0-72AE-4DC2F5FE7197}" = Catalyst Control Center Graphics Previews Common
"{2A435018-6957-76A6-36A6-FB34F4EF5F6D}" = CCC Help Turkish
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{330A754C-2B53-0C5F-057F-283EC9D01D5A}" = CCC Help Japanese
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3EB4E1B3-5C51-D460-D305-9077DA4711B7}" = CCC Help French
"{4762820B-BFD0-420E-BC8F-31BEE01DC30C}" = Google Drive
"{489A887E-1F33-2DB8-B856-291B6729D832}" = CCC Help Dutch
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F649712-FA36-502C-B26B-88A9D091E1DF}" = CCC Help Finnish
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{52DE3AF0-1C26-4258-9A04-9AEBF3E145F7}" = Catalyst Control Center - Branding
"{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}" = Everio MediaBrowser HD Edition
"{5535B1B7-AB06-2922-C3F6-DEDA4E823903}" = CCC Help Italian
"{559788C7-8375-4B5E-B7BA-B5DBBD84DBB3}" = ZoneAlarm Antivirus
"{5A19A119-86B6-FD94-7479-7A4AED4F2D82}" = Catalyst Control Center Graphics Previews Vista
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5F479D0A-ABB5-DE85-2C6A-92566C7FB813}" = CCC Help Polish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6863508E-00B6-34DF-31FA-DD8D57E8CEE0}" = CCC Help Thai
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A271321-D7E2-46FE-9BF6-2CFD47556FB8}" = ZoneAlarm Firewall
"{6A6F0F1E-39F8-469E-A82B-C0BD5B3E77B0}" = gSyncit
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7016BF44-E81D-4F10-B59C-4C9DCC43EC8C}" = SimpleSYN 2.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7A0AAE7D-BEED-DD34-58EA-304DAC2EF7B6}" = CCC Help Norwegian
"{7B939E98-D099-5172-FF4C-673B96ED3D13}" = CCC Help Portuguese
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.2.0
"{8337F301-A848-71AC-4699-51B5153085EE}" = CCC Help German
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84160DF4-D1B0-428F-EFE7-4CA2E14B5CD2}" = Catalyst Control Center Localization All
"{89EBB60F-5F24-2153-AEF2-F7E33B2DD8DB}" = CCC Help Russian
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFD09A6-E374-8519-68A9-A3F7383C29AA}" = CCC Help Hungarian
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2C23ED8-6C37-F32D-3108-3E91BEDEDCA8}" = CCC Help Swedish
"{A47B6CB9-E31C-B471-75FF-F42236292750}" = CCC Help Spanish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B39177F9-269D-4A9B-82F2-7A48589CCCEF}" = Garmin WebUpdater
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CE081CB8-1970-88F1-A4D8-FC435D2E86C1}" = ccc-core-static
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6BC900A-520A-4D95-A23F-4ED82A930609}" = ZoneAlarm Security
"{D9DB57B7-7C15-596C-6D5B-4CF06CF98E41}" = CCC Help English
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E599494B-C668-E1C7-09A4-76A33BDC03F6}" = CCC Help Czech
"{E68A38AA-A1B2-114E-19FA-F07D54683077}" = Catalyst Control Center InstallProxy
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F12B4E57-D702-E193-E8AF-C93EDB8DF63E}" = CCC Help Chinese Traditional
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE0E7A1C-68C3-99E1-A5DD-0749CFAB7AB9}" = CCC Help Danish
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AnyDVD" = AnyDVD
"Audacity_is1" = Audacity 1.2.6
"CamStudio" = CamStudio
"CloneDVD2" = CloneDVD2
"ElsterFormular 13.1.1.8479k" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.2.7.1
"Flatcast Producer 5.3_is1" = Flatcast Producer Plugin 5.3.0.752
"Fotosizer" = Fotosizer 1.32
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.8
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Free YouTube Download_is1" = Free YouTube Download version 3.0.815
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"GPS-Track-Analyse.NET 6.0_is1" = GPS-Track-Analyse.NET 6.0
"GSAK_is1" = GSAK 8.0.0.133 (Final)
"incredibar" = Incredibar Toolbar on IE
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Notepad++" = Notepad++
"Pidgin" = Pidgin
"PokerStars" = PokerStars
"Red Eye Remover Pro_is1" = Red Eye Remover Pro 1.2
"STRATO HiDrive" = STRATO HiDrive (remove only)
"Synthesia" = Synthesia (remove only)
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Uninstall_is1" = Uninstall 1.0.0.1
"USB Audio_is1" = Ver 1.2.0
"WinGimp-2.0_is1" = GIMP 2.6.12
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"Yahoo! Messenger" = Yahoo! Messenger
"ZoneAlarm Free Antivirus + Firewall" = ZoneAlarm Free Antivirus + Firewall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.03.2012 05:46:31 | Computer Name = Thomas-Laptop | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 11.0.0.4454 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 61c Startzeit:
01cd0a5b171ebbcb Endzeit: 147 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
637fe81b-765f-11e1-8dff-78acc0418e0f
Error - 25.03.2012 16:20:40 | Computer Name = Thomas-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7600.16385,
Zeitstempel: 0x4a5bd03d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16850,
Zeitstempel: 0x4e211da1 Ausnahmecode: 0x0000046b Fehleroffset: 0x000000000000a88d
ID
des fehlerhaften Prozesses: 0xdec Startzeit der fehlerhaften Anwendung: 0x01cd0a5ae78ff7f8
Pfad
der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: fd5ad5f1-76b7-11e1-8dff-78acc0418e0f
Error - 03.04.2012 12:36:50 | Computer Name = Thomas-Laptop | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Thomas\Downloads\SoftonicDownloader_fuer_formatwandler-4.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Error - 10.04.2012 16:53:05 | Computer Name = Thomas-Laptop | Source = Application Hang | ID = 1002
Description = Programm gimp-2.6.exe, Version 0.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1318 Startzeit:
01cd175bc24d1b60 Endzeit: 17 Anwendungspfad: C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe
Berichts-ID:
2868cc0b-834f-11e1-8db7-78acc0418e0f
Error - 16.04.2012 12:50:26 | Computer Name = Thomas-Laptop | Source = Application Hang | ID = 1002
Description = Programm gimp-2.6.exe, Version 0.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 12f4 Startzeit:
01cd1bf0eae2bd61 Endzeit: 15 Anwendungspfad: C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe
Berichts-ID:
40fa25cd-87e4-11e1-8c5c-78acc0418e0f
Error - 16.04.2012 12:50:46 | Computer Name = Thomas-Laptop | Source = Application Hang | ID = 1002
Description = Programm gimp-2.6.exe, Version 0.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b1c Startzeit:
01cd1bf107d277b0 Endzeit: 16 Anwendungspfad: C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe
Berichts-ID:
4e2260ed-87e4-11e1-8c5c-78acc0418e0f
Error - 16.04.2012 12:51:15 | Computer Name = Thomas-Laptop | Source = Application Hang | ID = 1002
Description = Programm gimp-2.6.exe, Version 0.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1108 Startzeit:
01cd1bf1144a8cfc Endzeit: 141 Anwendungspfad: C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe
Berichts-ID:
5a9a763a-87e4-11e1-8c5c-78acc0418e0f
Error - 03.05.2012 09:44:55 | Computer Name = Thomas-Laptop | Source = Application Hang | ID = 1002
Description = Programm WINWORD.EXE, Version 12.0.4518.1014 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1214 Startzeit: 01cd293288b57e70 Endzeit: 387 Anwendungspfad:
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE Berichts-ID: 090750ab-9526-11e1-8e1f-78acc0418e0f
Error - 16.06.2012 08:36:31 | Computer Name = Thomas-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FreeYouTubeToMP3Converter.exe, Version:
3.10.7.804, Zeitstempel: 0x4e402c1e Name des fehlerhaften Moduls: VideoFileToIPOD.dll,
Version: 1.7.20.808, Zeitstempel: 0x4e452895 Ausnahmecode: 0xc0000005 Fehleroffset:
0x000131d2 ID des fehlerhaften Prozesses: 0xef8 Startzeit der fehlerhaften Anwendung:
0x01cd4bb611bd21c7 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\DVDVideoSoft\Free
YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\VideoFileToIPOD.dll Berichtskennung:
e5a21663-b7af-11e1-b050-78acc0418e0f
Error - 23.06.2012 04:18:01 | Computer Name = Thomas-Laptop | Source = Service1 | ID = 0
Description = Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine
Verbindung mit dem Dienstcontroller herstellen
Error - 04.07.2012 16:37:26 | Computer Name = Thomas-Laptop | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 16.07.2012 04:18:04 | Computer Name = Thomas-Laptop | Source = Service1 | ID = 0
Description = Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine
Verbindung mit dem Dienstcontroller herstellen
[ Media Center Events ]
Error - 30.06.2012 03:44:09 | Computer Name = Thomas-Laptop | Source = MCUpdate | ID = 0
Description = 09:44:09 - Fehler beim Herstellen der Internetverbindung. 09:44:09
- Serververbindung konnte nicht hergestellt werden..
Error - 30.06.2012 03:44:20 | Computer Name = Thomas-Laptop | Source = MCUpdate | ID = 0
Description = 09:44:14 - Fehler beim Herstellen der Internetverbindung. 09:44:14
- Serververbindung konnte nicht hergestellt werden..
Error - 30.06.2012 04:44:28 | Computer Name = Thomas-Laptop | Source = MCUpdate | ID = 0
Description = 10:44:28 - Fehler beim Herstellen der Internetverbindung. 10:44:28
- Serververbindung konnte nicht hergestellt werden..
Error - 30.06.2012 04:44:38 | Computer Name = Thomas-Laptop | Source = MCUpdate | ID = 0
Description = 10:44:33 - Fehler beim Herstellen der Internetverbindung. 10:44:33
- Serververbindung konnte nicht hergestellt werden..
Error - 29.07.2012 10:30:17 | Computer Name = Thomas-Laptop | Source = MCUpdate | ID = 0
Description = 16:30:17 - Fehler beim Herstellen der Internetverbindung. 16:30:17
- Serververbindung konnte nicht hergestellt werden..
Error - 29.07.2012 10:30:28 | Computer Name = Thomas-Laptop | Source = MCUpdate | ID = 0
Description = 16:30:22 - Fehler beim Herstellen der Internetverbindung. 16:30:22
- Serververbindung konnte nicht hergestellt werden..
Error - 29.07.2012 11:30:34 | Computer Name = Thomas-Laptop | Source = MCUpdate | ID = 0
Description = 17:30:34 - Fehler beim Herstellen der Internetverbindung. 17:30:34
- Serververbindung konnte nicht hergestellt werden..
Error - 29.07.2012 11:30:46 | Computer Name = Thomas-Laptop | Source = MCUpdate | ID = 0
Description = 17:30:39 - Fehler beim Herstellen der Internetverbindung. 17:30:39
- Serververbindung konnte nicht hergestellt werden..
Error - 29.07.2012 12:30:51 | Computer Name = Thomas-Laptop | Source = MCUpdate | ID = 0
Description = 18:30:51 - Fehler beim Herstellen der Internetverbindung. 18:30:51
- Serververbindung konnte nicht hergestellt werden..
Error - 29.07.2012 12:31:02 | Computer Name = Thomas-Laptop | Source = MCUpdate | ID = 0
Description = 18:30:56 - Fehler beim Herstellen der Internetverbindung. 18:30:56
- Serververbindung konnte nicht hergestellt werden..
[ OSession Events ]
Error - 25.08.2011 09:40:22 | Computer Name = Thomas-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 202
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 21.10.2012 06:58:29 | Computer Name = Thomas-Laptop | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SysMain erreicht.
Error - 21.10.2012 06:58:46 | Computer Name = Thomas-Laptop | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde nicht
richtig gestartet.
Error - 22.10.2012 08:35:23 | Computer Name = Thomas-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Lavasoft Ad-Aware Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 22.10.2012 11:31:40 | Computer Name = Thomas-Laptop | Source = bowser | ID = 8003
Description =
Error - 22.10.2012 16:10:53 | Computer Name = Thomas-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Lavasoft Ad-Aware Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 23.10.2012 14:09:15 | Computer Name = Thomas-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Lavasoft Ad-Aware Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 23.10.2012 15:25:08 | Computer Name = Thomas-Laptop | Source = DCOM | ID = 10010
Description =
Error - 24.10.2012 08:11:16 | Computer Name = Thomas-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Lavasoft Ad-Aware Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 24.10.2012 10:05:14 | Computer Name = Thomas-Laptop | Source = bowser | ID = 8003
Description =
Error - 24.10.2012 10:12:22 | Computer Name = Thomas-Laptop | Source = BROWSER | ID = 8032
Description =
< End of report >
--- --- --- |
