| Spike007 | 30.12.2012 11:50 |
OTL.txt
OTL Logfile: Code:
OTL logfile created on: 30.12.2012 11:38:07 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXXX\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,24 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 56,99% Memory free
6,48 Gb Paging File | 4,80 Gb Available in Paging File | 74,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 3,18 Gb Free Space | 5,42% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 277,90 Gb Free Space | 59,67% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 339,20 Gb Free Space | 72,83% Space Free | Partition Type: NTFS
Drive F: | 58,59 Gb Total Space | 49,27 Gb Free Space | 84,09% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 25,74 Gb Free Space | 5,53% Space Free | Partition Type: NTFS
Drive H: | 465,76 Gb Total Space | 173,57 Gb Free Space | 37,27% Space Free | Partition Type: NTFS
Drive I: | 814,32 Gb Total Space | 160,71 Gb Free Space | 19,74% Space Free | Partition Type: NTFS
Computer Name: ooooo | User Name: XXXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\XXXXX\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\PROGRA~1\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\xxxxx\AppData\LocalLow\SumatraPDF\IE\SumatraPDFUpdater.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Synology\Assistant\UsbClientService.exe ()
PRC - C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\System32\IPROSetMonitor.exe (Intel Corporation)
PRC - C:\Program Files\devolo\dlan\devolonetsvc.exe ()
PRC - C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\398df77267992efc77df5ef5176a89c6\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1430191d067c0f28c3a676d3ecb85b26\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\515c6ffea562bb0f03a1ed8f75279648\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f4be07261983040b29685575b69085e8\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\227d8befc409e42e058670889c3d6b4a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c8ebcd93a2b547dc72dee2fcfabcdd50\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2f44dac350b6161a9e9ce7222ae94335\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5530227809880c9b8b1d834e5434e840\mscorlib.ni.dll ()
MOD - C:\Users\xxxxx\AppData\LocalLow\SumatraPDF\IE\sqlite3.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
========== Services (SafeList) ==========
SRV - (Winmgmt) -- C:\Users\xxxxx\wgsdgsdgdsgsd.exe File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (SumatraPDFUpdater) -- C:\Users\xxxxx\AppData\LocalLow\SumatraPDF\IE\SumatraPDFUpdater.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (UsbClientService) -- C:\Program Files\Synology\Assistant\UsbClientService.exe ()
SRV - (CLKMSVC10_E92D8507) -- C:\Program Files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe (CyberLink)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (Intel® PROSet Monitoring Service) -- C:\Windows\System32\IPROSetMonitor.exe (Intel Corporation)
SRV - (DevoloNetworkService) -- C:\Program Files\devolo\dlan\devolonetsvc.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (avmaura) -- C:\Windows\System32\drivers\avmaura.sys (AVM Berlin)
DRV - (busbcrw) -- C:\Windows\System32\drivers\busbcrw.sys (Brother Industries, Ltd.)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Ser2plx86) -- C:\Windows\System32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (anvsnddrv) -- C:\Windows\System32\drivers\anvsnddrv.sys (AnvSoft Inc.)
DRV - (avmaudio) -- C:\Windows\System32\drivers\avmaudio.sys (AVM Berlin)
DRV - (sxuptp) -- C:\Windows\System32\drivers\sxuptp.sys (silex technology, Inc.)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (busenum) -- C:\Windows\System32\drivers\busenum.sys (Windows (R) Win 7 DDK provider)
DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (nusb3xhc) -- C:\Windows\System32\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV - (nusb3hub) -- C:\Windows\System32\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (e1cexpress) -- C:\Windows\System32\drivers\e1c6232.sys (Intel Corporation)
DRV - (USB28xxOEM) -- C:\Windows\System32\drivers\emOEM.sys (eMPIA Technology, Inc.)
DRV - (USB28xxBGA) -- C:\Windows\System32\drivers\emBDA.sys (eMPIA Technology, Inc.)
DRV - (emAudio) -- C:\Windows\System32\drivers\emAudio.sys (eMPIA Technology, Inc.)
DRV - (mv91xx) -- C:\Windows\System32\drivers\mv91xx.sys (Marvell Semiconductor, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (ATI Technologies, Inc.)
DRV - (NPF_devolo) -- C:\Windows\System32\drivers\npf_devolo.sys (CACE Technologies)
DRV - ({B154377D-700F-42cc-9474-23858FBDF4BD}) -- C:\Program Files\CyberLink\PowerDVD9\000.fcl (CyberLink Corp.)
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)
DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)
DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)
DRV - (vpcuxd) -- C:\Windows\System32\drivers\vpcuxd.sys (Microsoft Corporation)
DRV - (azvusb) -- C:\Windows\System32\drivers\azvusb.sys (AzureWave Technologies, Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2180860846-1555781176-264122612-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2180860846-1555781176-264122612-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2180860846-1555781176-264122612-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 DF 92 B1 10 E6 CD 01 [binary data]
IE - HKU\S-1-5-21-2180860846-1555781176-264122612-1003\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\6.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-2180860846-1555781176-264122612-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2180860846-1555781176-264122612-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.07 21:55:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.04 17:18:16 | 000,000,000 | ---D | M]
[2012.10.26 22:49:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012.10.26 22:49:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\distribution\extensions
[2012.10.26 22:49:59 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.12.07 21:55:37 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.08.31 11:38:58 | 000,082,944 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012.07.08 22:52:22 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 22:23:35 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.08 22:52:22 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.08 22:52:22 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.08 22:52:22 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.08 22:52:22 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\6.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (SumatraPDF) - {EA58BBDF-F45C-4F28-8E52-CD5AA70D2C1E} - C:\Users\xxxxx\AppData\LocalLow\SumatraPDF\IE\SumatraPDF.dll (Krzysztof Kowalczyk)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\6.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Tango] C:\Program Files\Tango\Tango.exe ()
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2273D0C2-665C-413E-81A5-F71B5E76C544}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EC66AE9-6DB7-477A-B31D-403F69AED4A1}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.01.06 18:05:26 | 000,000,000 | -HS- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.29 23:34:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\XXXXX\Desktop\OTL.exe
[2012.12.29 23:32:09 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Malwarebytes
[2012.12.29 23:31:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.29 23:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.29 23:31:53 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.29 23:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.12.29 23:31:39 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Programs
[2012.12.29 23:06:09 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Adobe
[2012.12.29 21:50:26 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\AVG2013
[2012.12.29 21:50:25 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Avg2013
[2012.12.29 21:50:24 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Power2Go
[2012.12.29 21:50:24 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\ATI
[2012.12.29 21:50:24 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\ATI
[2012.12.29 21:50:24 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Apple Computer
[2012.12.29 21:50:15 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Virtual Machines
[2012.12.29 21:50:15 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.12.29 21:50:15 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Searches
[2012.12.29 21:50:15 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.12.29 21:50:05 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Identities
[2012.12.29 21:50:04 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Contacts
[2012.12.29 21:49:59 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\VirtualStore
[2012.12.29 21:49:57 | 000,000,000 | --SD | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft
[2012.12.29 21:49:57 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Videos
[2012.12.29 21:49:57 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Saved Games
[2012.12.29 21:49:57 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Pictures
[2012.12.29 21:49:57 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Music
[2012.12.29 21:49:57 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.12.29 21:49:57 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Links
[2012.12.29 21:49:57 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Favorites
[2012.12.29 21:49:57 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Downloads
[2012.12.29 21:49:57 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Documents
[2012.12.29 21:49:57 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Desktop
[2012.12.29 21:49:57 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Vorlagen
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\AppData\Local\Verlauf
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\AppData\Local\Temporary Internet Files
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Startmenü
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\SendTo
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Recent
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Netzwerkumgebung
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Lokale Einstellungen
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Documents\Eigene Videos
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Documents\Eigene Musik
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Eigene Dateien
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Documents\Eigene Bilder
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Druckumgebung
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Cookies
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\AppData\Local\Anwendungsdaten
[2012.12.29 21:49:57 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Anwendungsdaten
[2012.12.29 21:49:57 | 000,000,000 | -H-D | C] -- C:\Users\XXXXX\AppData
[2012.12.29 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Temp
[2012.12.29 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Microsoft
[2012.12.29 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Media Center Programs
[2012.12.29 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Macromedia
[2012.12.29 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2012.12.29 00:45:22 | 000,000,000 | ---D | C] -- C:\FarmHelper
[2012.12.23 23:34:36 | 000,000,000 | ---D | C] -- C:\Program Files\MakeMKV
[2012.12.22 19:06:30 | 000,105,728 | ---- | C] (AVM Berlin) -- C:\Windows\System32\drivers\avmaura.sys
[2012.12.22 18:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PE-DESIGN NEXT
[2012.12.22 18:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BIL
[2012.12.22 18:38:34 | 000,018,944 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\busbcrw.sys
[2012.12.21 03:00:37 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.21 03:00:37 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.19 21:58:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tajima
[2012.12.19 21:58:34 | 001,056,768 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\Roboex32.dll
[2012.12.19 21:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\Tajima
[2012.12.19 21:58:02 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2012.12.19 05:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.12.15 17:41:41 | 000,000,000 | ---D | C] -- C:\temp
[2012.12.15 17:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PE-DESIGN Ver6
[2012.12.15 17:18:25 | 001,009,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Ltwvc13n.dll
[2012.12.15 17:18:25 | 000,825,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltwen13n.dll
[2012.12.15 17:18:25 | 000,794,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTRTN13n.DLL
[2012.12.15 17:18:25 | 000,379,904 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltvec13n.ocx
[2012.12.15 17:18:25 | 000,253,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltpnt13n.ocx
[2012.12.15 17:18:25 | 000,246,784 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lvkrn13n.dll
[2012.12.15 17:18:25 | 000,204,800 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltscr13n.ocx
[2012.12.15 17:18:25 | 000,170,496 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTSCR13n.DLL
[2012.12.15 17:18:25 | 000,164,352 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lvdlg13n.dll
[2012.12.15 17:18:25 | 000,158,720 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Ltpnt13n.dll
[2012.12.15 17:18:25 | 000,153,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lttmb13n.ocx
[2012.12.15 17:18:25 | 000,145,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lttw213n.dll
[2012.12.15 17:18:25 | 000,144,384 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lttlb13n.ocx
[2012.12.15 17:18:25 | 000,110,592 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTSGM13N.DLL
[2012.12.15 17:18:25 | 000,108,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTTLB13n.dll
[2012.12.15 17:18:25 | 000,102,400 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltodb13n.ocx
[2012.12.15 17:18:25 | 000,095,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltpdg13n.dll
[2012.12.15 17:18:25 | 000,076,800 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lvgl13n.dll
[2012.12.15 17:18:25 | 000,074,240 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lvdx13n.dll
[2012.12.15 17:18:25 | 000,053,248 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTWEB13n.dll
[2012.12.15 17:18:25 | 000,044,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lttwn13n.dll
[2012.12.15 17:18:25 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lttmb13n.dll
[2012.12.15 17:18:25 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTWND13n.DLL
[2012.12.15 17:18:24 | 000,759,808 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltocx13n.ocx
[2012.12.15 17:18:24 | 000,453,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltkrn13n.dll
[2012.12.15 17:18:24 | 000,196,608 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltlst13n.ocx
[2012.12.15 17:18:24 | 000,179,200 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltnet13n.ocx
[2012.12.15 17:18:24 | 000,150,528 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltisi13n.ocx
[2012.12.15 17:18:24 | 000,146,432 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltmrc13n.ocx
[2012.12.15 17:18:24 | 000,114,176 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTOCR13n.dll
[2012.12.15 17:18:24 | 000,061,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltnet13n.dll
[2012.12.15 17:18:24 | 000,051,200 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltlst13n.dll
[2012.12.15 17:18:23 | 000,035,328 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltisi13n.dll
[2012.12.15 17:18:22 | 001,402,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltdlg13n.dll
[2012.12.15 17:18:22 | 000,966,144 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltdlgres13n.dll
[2012.12.15 17:18:22 | 000,445,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltimg13n.dll
[2012.12.15 17:18:22 | 000,360,960 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltdlg13n.ocx
[2012.12.15 17:18:22 | 000,265,728 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTDIS13n.dll
[2012.12.15 17:18:22 | 000,241,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTEml13n.dll
[2012.12.15 17:18:22 | 000,206,848 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltefx13n.dll
[2012.12.15 17:18:22 | 000,154,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltfil13n.DLL
[2012.12.15 17:18:21 | 001,693,696 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTCLR13n.dll
[2012.12.15 17:18:21 | 001,139,712 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTDic13n.dll
[2012.12.15 17:18:21 | 000,319,488 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTCML13n.dll
[2012.12.15 17:18:21 | 000,149,504 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTAUT13n.dll
[2012.12.15 17:18:21 | 000,111,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTCON13n.dll
[2012.12.15 17:18:20 | 000,785,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltann13n.dll
[2012.12.15 17:18:20 | 000,550,400 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFSVG13n.dll
[2012.12.15 17:18:20 | 000,278,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFJ2K13n.dll
[2012.12.15 17:18:20 | 000,180,736 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfpng13n.dll
[2012.12.15 17:18:20 | 000,177,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfpdf13n.dll
[2012.12.15 17:18:20 | 000,153,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfPCL13n.dll
[2012.12.15 17:18:20 | 000,143,360 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lftif13n.dll
[2012.12.15 17:18:20 | 000,108,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfgbr13n.dll
[2012.12.15 17:18:20 | 000,102,400 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfmpg13n.dll
[2012.12.15 17:18:20 | 000,101,376 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfvpg13n.dll
[2012.12.15 17:18:20 | 000,090,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfjbg13n.dll
[2012.12.15 17:18:20 | 000,084,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lffpx13n.dll
[2012.12.15 17:18:20 | 000,083,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfshp13n.dll
[2012.12.15 17:18:20 | 000,080,384 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFPTK13n.dll
[2012.12.15 17:18:20 | 000,076,800 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfwmf13n.dll
[2012.12.15 17:18:20 | 000,074,752 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfplt13n.dll
[2012.12.15 17:18:20 | 000,073,728 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lffax13n.dll
[2012.12.15 17:18:20 | 000,068,096 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfsct13n.dll
[2012.12.15 17:18:20 | 000,065,536 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfpct13n.dll
[2012.12.15 17:18:20 | 000,057,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfpsd13n.dll
[2012.12.15 17:18:20 | 000,051,200 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfXpm13n.dll
[2012.12.15 17:18:20 | 000,049,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfXbm13n.dll
[2012.12.15 17:18:20 | 000,048,128 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfica13n.dll
[2012.12.15 17:18:20 | 000,047,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfeps13n.dll
[2012.12.15 17:18:20 | 000,047,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfgif13n.dll
[2012.12.15 17:18:20 | 000,038,400 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfflc13n.dll
[2012.12.15 17:18:20 | 000,033,792 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFSMP13n.dll
[2012.12.15 17:18:20 | 000,033,280 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfwmp13n.dll
[2012.12.15 17:18:20 | 000,033,280 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfvec13n.dll
[2012.12.15 17:18:20 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lflmb13n.dll
[2012.12.15 17:18:20 | 000,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFPNM13n.dll
[2012.12.15 17:18:20 | 000,029,184 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lflma13n.dll
[2012.12.15 17:18:20 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfiff13n.dll
[2012.12.15 17:18:20 | 000,026,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfpcx13n.dll
[2012.12.15 17:18:20 | 000,025,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfxwd13n.dll
[2012.12.15 17:18:20 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lftga13n.dll
[2012.12.15 17:18:20 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfimg13n.dll
[2012.12.15 17:18:20 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfwpg13n.dll
[2012.12.15 17:18:20 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfsgi13n.dll
[2012.12.15 17:18:20 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfras13n.dll
[2012.12.15 17:18:20 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfwfx13n.dll
[2012.12.15 17:18:20 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfpcd13n.dll
[2012.12.15 17:18:20 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfitg13n.dll
[2012.12.15 17:18:20 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfmsp13n.dll
[2012.12.15 17:18:20 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfmac13n.dll
[2012.12.15 17:18:20 | 000,017,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfRaw13n.dll
[2012.12.15 17:18:19 | 000,543,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\leadsrvr.exe
[2012.12.15 17:18:19 | 000,509,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFCMW13n.dll
[2012.12.15 17:18:19 | 000,484,864 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfdwf13n.dll
[2012.12.15 17:18:19 | 000,420,352 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFCMP13n.DLL
[2012.12.15 17:18:19 | 000,295,936 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfAFP13n.dll
[2012.12.15 17:18:19 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\System32\PCDLIB32.DLL
[2012.12.15 17:18:19 | 000,185,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfdxf13n.dll
[2012.12.15 17:18:19 | 000,130,560 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfdwg13n.dll
[2012.12.15 17:18:19 | 000,094,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfdrw13n.dll
[2012.12.15 17:18:19 | 000,091,136 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfacs13n.dll
[2012.12.15 17:18:19 | 000,090,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfcmx13n.dll
[2012.12.15 17:18:19 | 000,089,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfcgm13n.dll
[2012.12.15 17:18:19 | 000,079,872 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfdgn13n.dll
[2012.12.15 17:18:19 | 000,056,320 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfcal13n.dll
[2012.12.15 17:18:19 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfclp13n.dll
[2012.12.15 17:18:19 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfbmp13n.dll
[2012.12.15 17:18:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AWRESX32.DLL
[2012.12.15 17:18:19 | 000,025,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfani13n.dll
[2012.12.15 17:18:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AWCODC32.DLL
[2012.12.15 17:18:19 | 000,023,040 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfawd13n.dll
[2012.12.15 17:18:19 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfCUT13n.dll
[2012.12.15 17:18:19 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfavi13n.dll
[2012.12.15 17:18:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AWDENC32.DLL
[2012.12.15 17:18:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AWVIEW32.DLL
[2012.12.15 17:18:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AWDCXC32.DLL
[2012.12.14 00:52:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
[2012.12.14 00:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2012.12.13 14:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012.12.12 03:01:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.12 03:01:35 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.12 03:01:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.12 03:01:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.12.12 03:01:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.12 03:01:34 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.12.12 03:01:34 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.12 03:01:33 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.12.11 21:28:54 | 002,344,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.11 21:28:44 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.12.11 21:28:44 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.12.11 21:28:44 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.12.11 21:28:44 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.12.11 21:28:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.11 21:28:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.11 21:28:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.11 21:28:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.12.11 21:28:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.12.11 21:28:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.12.11 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.11 21:28:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.12.11 21:28:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.12.11 21:28:30 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.11 21:28:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.05 03:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2012.12.05 03:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar
[2012.12.05 03:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
========== Files - Modified Within 30 Days ==========
[2012.12.30 11:24:06 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.30 11:00:19 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.30 10:23:50 | 000,018,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.30 10:23:50 | 000,018,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.30 10:20:27 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.30 10:18:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.30 10:18:43 | 2607,919,104 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.29 23:34:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XXXXX\Desktop\OTL.exe
[2012.12.29 23:31:56 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.29 21:54:50 | 000,698,474 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.29 21:54:50 | 000,652,456 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.29 21:54:50 | 000,148,530 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.29 21:54:50 | 000,121,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.29 21:50:27 | 000,001,202 | ---- | M] () -- C:\Users\XXXXX\Desktop\Blu-ray Disc Suite.lnk
[2012.12.29 21:47:35 | 000,000,040 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.12.27 17:06:50 | 000,003,504 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2012.12.23 19:23:39 | 000,000,333 | ---- | M] () -- C:\Windows\BRCALIB.INI
[2012.12.22 19:06:27 | 000,105,728 | ---- | M] (AVM Berlin) -- C:\Windows\System32\drivers\avmaura.sys
[2012.12.22 18:45:45 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\PE-DESIGN NEXT.lnk
[2012.12.22 18:38:34 | 000,018,944 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\busbcrw.sys
[2012.12.21 03:20:01 | 000,334,256 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.19 21:58:36 | 000,001,211 | ---- | M] () -- C:\Users\Public\Desktop\Tajima DGML by Pulse Ambassador.lnk
[2012.12.16 15:25:27 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.16 15:25:19 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.13 14:47:16 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.12.12 05:00:06 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.12 05:00:06 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.04 17:19:33 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
========== Files Created - No Company Name ==========
[2012.12.29 23:31:56 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.29 21:50:16 | 000,001,418 | ---- | C] () -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.12.29 21:49:57 | 000,001,202 | ---- | C] () -- C:\Users\XXXXX\Desktop\Blu-ray Disc Suite.lnk
[2012.12.22 18:45:45 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\PE-DESIGN NEXT.lnk
[2012.12.19 21:58:36 | 000,001,211 | ---- | C] () -- C:\Users\Public\Desktop\Tajima DGML by Pulse Ambassador.lnk
[2012.12.15 17:18:24 | 001,190,601 | ---- | C] () -- C:\Windows\System32\LTOCX13n.CAB
[2012.12.15 17:18:20 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2012.12.15 17:18:20 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2012.12.13 14:47:16 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.04.27 17:42:01 | 000,003,504 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2012.03.07 02:44:25 | 000,917,504 | ---- | C] () -- C:\Windows\System32\dtsdecoderdll.dll
[2012.03.07 02:44:25 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2012.03.04 12:57:19 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2012.03.04 11:40:08 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2012.02.29 20:34:45 | 000,000,333 | ---- | C] () -- C:\Windows\BRCALIB.INI
[2012.02.27 19:28:58 | 000,434,176 | ---- | C] () -- C:\Windows\System32\ZSHP1018.EXE
[2012.01.03 22:46:29 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.01.03 22:18:09 | 000,000,322 | ---- | C] () -- C:\Windows\System32\mr.dat
[2011.11.29 23:02:07 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.10.18 17:01:02 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.07.10 18:08:35 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.06.16 21:46:07 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2011.06.16 21:44:56 | 000,038,050 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011.06.16 21:43:48 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.06.16 21:43:44 | 000,024,917 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.06.16 02:55:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.06.16 02:48:34 | 000,002,857 | ---- | C] () -- C:\Windows\System32\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.05.18 22:33:00 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\AnvSoft
[2012.12.13 14:48:50 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\AVG2013
[2012.03.07 22:04:58 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\avidemux
[2012.05.13 11:49:33 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\Canneverbe Limited
[2012.11.02 16:40:24 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\DAEMON Tools Lite
[2012.11.20 20:12:27 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\DVDVideoSoft
[2011.10.18 08:11:17 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.04 21:33:31 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\EPSON
[2011.07.29 21:40:48 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\Free iPad Video Converter
[2011.10.18 17:22:45 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\FreeVideoConverter
[2012.10.25 21:01:29 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\FRITZ!
[2012.10.25 20:54:39 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2011.10.18 17:00:51 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\GetRightToGo
[2011.07.29 20:19:52 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\HandBrake
[2011.07.10 17:55:20 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\ImgBurn
[2012.03.07 21:28:25 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\ImTOO
[2012.12.14 00:52:16 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\IrfanView
[2012.03.04 11:24:11 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\Leawo
[2012.05.02 00:17:28 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\Mouse Recorder Pro
[2011.11.29 23:02:08 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\pdfforge
[2012.06.17 00:19:58 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\Seas0nPass
[2011.07.03 15:39:46 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\TeamViewer
[2012.03.04 11:25:09 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\tiger-k
[2012.12.13 14:47:15 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\TuneUp Software
[2012.01.03 23:29:26 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\Vso
[2012.12.29 21:50:26 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\AVG2013
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:FB1B13D8
< End of report >
--- --- ---
extras
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 29.12.2012 23:56:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXXX\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,24 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 26,57% Memory free
6,48 Gb Paging File | 3,00 Gb Available in Paging File | 46,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 2,93 Gb Free Space | 4,99% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 277,90 Gb Free Space | 59,67% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 339,20 Gb Free Space | 72,83% Space Free | Partition Type: NTFS
Drive F: | 58,59 Gb Total Space | 49,27 Gb Free Space | 84,09% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 25,74 Gb Free Space | 5,53% Space Free | Partition Type: NTFS
Drive H: | 465,76 Gb Total Space | 173,57 Gb Free Space | 37,27% Space Free | Partition Type: NTFS
Drive I: | 814,32 Gb Total Space | 160,70 Gb Free Space | 19,73% Space Free | Partition Type: NTFS
Computer Name: OOOOO | User Name: XXXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2180860846-1555781176-264122612-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02294AF9-A841-4E7F-A570-C0A9FD01AF63}" = rport=138 | protocol=17 | dir=out | app=system |
"{06FCC0C6-4297-4A4D-B2C1-A874917D5D76}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{076442CA-CFAB-4052-AC03-C9ED6AF8834C}" = rport=137 | protocol=17 | dir=out | app=system |
"{077CB168-879D-45D2-BE8B-3B61D5076C69}" = lport=10300 | protocol=6 | dir=in | app=c:\program files\devolo\dlan\devolonetsvc.exe |
"{0A6C268D-2DC9-448E-A8E7-E1CE3B78FB14}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0A8AC837-6F47-4021-B815-630A25A89C6A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0BC3F451-F815-4D49-A6F9-1C6BFB7455B5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0C44D143-3469-42EB-AA4B-8B2471D766C4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{16DB750F-04F2-4794-B12C-7D8331AB2840}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{19ECD8A8-0587-435F-B1BD-BEE255322CD6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1A5C7E48-1104-4AB0-B367-FA67F9FBC386}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1EEBF253-D343-4991-A47E-DF8046A437B3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{23E544C3-4E10-4378-91C5-962C5448CAC3}" = lport=445 | protocol=6 | dir=in | app=system |
"{247CBAE3-0629-4876-A2FF-E0605CFEBD8C}" = rport=139 | protocol=6 | dir=out | app=system |
"{257628F1-9C9B-49D5-BAD2-EC2AAB9DFF1B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2EAC8AB0-8F23-4BC5-8238-9E295F276E82}" = lport=1900 | protocol=17 | dir=in | name=upnp device discovery (udp 1900) |
"{32439363-C002-4325-9F14-368B0AB79142}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{397BD3B2-11F2-4E86-AFDD-3A344A13187A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{415CDE41-383C-4D08-AF9E-88CACE4409DE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{416BC7BB-204D-4894-8727-40473733BC75}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{45F36642-BF64-43E2-86F9-7BE4354FEE6D}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |
"{483A0190-39B8-4CC7-89A4-6052DE0A670C}" = lport=10301 | protocol=17 | dir=in | app=c:\program files\devolo\dlan\devolonetsvc.exe |
"{49B38221-F028-4FFB-BA5F-C55867D1E7E5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{52F0186B-BF4E-4485-B9F7-A0C40B0E10A3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{57BD50E4-6600-4E5A-9B85-1EA3BA9D4D04}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{773761FA-9DFC-4A17-9F31-05E9AC0FEC02}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B93E35B-FE6E-4451-9FB6-1AD25FEA2E31}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8A5C03B0-E232-4DD6-8616-F40F79D17521}" = lport=2869 | protocol=6 | dir=in | name=upnp device discovery (tcp 2869) |
"{99C3C1E6-1AC3-4EE3-AB43-C259B4CF7E98}" = lport=137 | protocol=17 | dir=in | app=system |
"{A2871D25-D880-4E6F-BFD9-9490665F97CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AE2B4B05-BB4C-4442-92F1-743CB169BEC5}" = rport=445 | protocol=6 | dir=out | app=system |
"{AE7CAAD1-62A8-464C-893C-83F3895B27B2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C70819F3-825F-43FF-977A-85A97E9A4922}" = lport=138 | protocol=17 | dir=in | app=system |
"{C824A520-F953-44A7-93A9-929004C6AB76}" = lport=139 | protocol=6 | dir=in | app=system |
"{CD05D784-485B-4439-8102-BF6913EC5C9F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DF5A57FE-E9DA-4667-A008-313709C8B350}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{F2A8A540-B312-46D9-9B80-BA7C8298517E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0129FAFF-137B-450C-AB6F-8D7A3ECD4208}" = dir=in | app=c:\program files\pctv systems\tvcenter\tvcenter.exe |
"{15F6A51A-2626-4B3E-87A6-9ADB7324F4FA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1F029665-BB2F-4C6C-AC3A-C3E7253668B8}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{22D96AD2-C222-400D-98BB-DAF23AF6D1BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{287EAF3C-3BB4-447B-A47E-7CBF785F6BD4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{2B672748-09DF-4428-BD5B-CC82D050DC15}" = protocol=6 | dir=in | app=c:\users\xxxxx\appdata\local\apps\2.0\9l0yldzm.0k7\0jwk020p.bcm\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{37E51F68-6F7E-4B16-AD31-C09935265959}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3D3790B8-5B5C-4206-B17A-45EFF42DC5EF}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{3D593480-B88F-447B-B721-462DA7ED229A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3FC1EE8E-B71A-4D7A-98F8-733C437AB8E2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{434C4F4C-5185-484A-AF81-15E61675D456}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{4C6BB5AD-8D6E-41B0-ACDF-6EFD9018103B}" = protocol=17 | dir=in | app=c:\users\xxxxx\appdata\local\apps\2.0\9l0yldzm.0k7\0jwk020p.bcm\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{4DBD3B02-AE0B-4639-B8D7-5DBE2E27569E}" = protocol=6 | dir=in | app=c:\users\xxxxx\appdata\local\apps\2.0\9l0yldzm.0k7\0jwk020p.bcm\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{5E8079CA-DB89-4BEE-B754-AFA5CF2BF3D9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{607C5E88-E22B-44A6-B4E7-9E5D0884CFA0}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{617A8D4C-ADFA-4A90-BCC9-B4BF3EE3DF74}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{6430C344-E956-49B3-975F-F87203C2EC71}" = dir=in | app=c:\program files\common files\pctv systems\streamingserver\strmserver.exe |
"{68534B4B-30A3-40B2-8236-E3568DD83B39}" = protocol=17 | dir=in | app=c:\users\xxxxx\appdata\local\apps\2.0\9l0yldzm.0k7\0jwk020p.bcm\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{6CFFD594-8964-4A8C-8F40-7C9278612A61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{796C6023-723A-4CAA-A012-B98098950B59}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{94D2F338-5697-4682-B598-C280D3B42C75}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9A8F32A2-C45E-4353-BCC3-94EADBD7E06C}" = protocol=6 | dir=out | app=system |
"{A799B15C-CE39-41F4-AF19-B8BFD63E5B10}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{B090D191-B8BA-4AA1-85C7-146722B4CCB2}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{B2601207-9C76-4E9C-8C44-5C039E5AD77B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B3050326-DB59-4D70-9BC3-48A930E33CF6}" = dir=in | app=c:\windows\ehome\ehrecvr.exe |
"{B3BD1080-29B5-4B55-967F-0373EA06B55A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE5D343E-99F3-404F-8F9A-534A25CBFA68}" = dir=in | app=c:\windows\ehome\ehrecvr.exe |
"{CA29447B-D048-4A62-94BE-29E6235643A7}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{CBC85D00-6D7B-4573-88C0-C357585E3058}" = dir=in | app=c:\program files\silex technology\sx virtual link\connect.exe |
"{CC344A5D-BB2F-4723-B20B-C8D1E506075E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D89A84AA-A976-4D41-95BD-9247E8F7A961}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{DA9F7C5B-3F0A-4210-ADD9-5EDEE6B8B63F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E1384F38-0572-4225-B0F8-4D2228FE7722}" = dir=in | app=c:\program files\common files\pctv systems\pvr\videocontrol.exe |
"{E7CF30AD-9DD3-4A69-A423-E9907787F36E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8656EC2-C773-4D7F-AF8F-C5C2D6C4A83E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{F3A16C15-8456-4C85-9CC3-A32469E9C83E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4E2459D-AEB6-4D03-9E73-E4937BF3EA3A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F514999E-061C-4B40-AEB5-83C2841AC64E}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{FBCF2BAB-2CCE-495D-B6F7-558CC514425A}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{FDBDEE5A-9422-45F8-A727-510F6E8AEEED}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FF79D682-15C5-4E44-9EF8-420E71D51C09}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{2CF50B49-C17D-4C26-B739-9471BA6C7637}C:\program files\fritz!\frifax32.exe" = protocol=6 | dir=in | app=c:\program files\fritz!\frifax32.exe |
"TCP Query User{2E1ED505-9F4A-4C79-87CD-986C3A3AEDED}C:\program files\synology\assistant\dsassistant.exe" = protocol=6 | dir=in | app=c:\program files\synology\assistant\dsassistant.exe |
"TCP Query User{4DD91A41-E358-4172-BA9D-49AF884E5038}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{7A371713-2A0A-4903-8414-9C7AD37AD937}C:\farmhelper\fvbot.exe" = protocol=6 | dir=in | app=c:\farmhelper\fvbot.exe |
"TCP Query User{88F91FD5-B39D-402F-AE59-BEDDF872AE40}C:\program files\makemkv\makemkvcon.exe" = protocol=6 | dir=in | app=c:\program files\makemkv\makemkvcon.exe |
"TCP Query User{DDA2FCA4-B551-4805-B353-7E60F8632EBD}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{2C22B6B9-4958-42D3-B320-F430364C3EB8}C:\farmhelper\fvbot.exe" = protocol=17 | dir=in | app=c:\farmhelper\fvbot.exe |
"UDP Query User{6134FF16-19EF-42F1-8FE4-B5B4D661E4B0}C:\program files\synology\assistant\dsassistant.exe" = protocol=17 | dir=in | app=c:\program files\synology\assistant\dsassistant.exe |
"UDP Query User{764362B5-E004-4304-826F-40CCABAACE9D}C:\program files\makemkv\makemkvcon.exe" = protocol=17 | dir=in | app=c:\program files\makemkv\makemkvcon.exe |
"UDP Query User{C0A3239F-F597-4503-8DA8-61314D7CCB10}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{F0195330-5A2C-4F03-A38D-5EF5370DBAEC}C:\program files\fritz!\frifax32.exe" = protocol=17 | dir=in | app=c:\program files\fritz!\frifax32.exe |
"UDP Query User{FE5F0D28-1662-40DB-869F-E2F78F4D3E0D}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{041EDAC5-853E-4A10-A0C8-ED0CF7769306}" = PE-DESIGN NEXT
"{09BD1434-E53C-800A-BAE7-AAE85025E8A5}" = ATI AVIVO Codecs
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C171CF9-E6CB-427F-B1E8-55637C603586}_is1" = FarmHelper
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1C6BA2FA-05BB-F6C0-3BDF-2C2DD4E39275}" = CCC Help Italian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F57656E-310B-D5C1-8B38-CD8BF09ADC31}" = CCC Help Russian
"{1F8CE8A5-2C35-B10C-9EE4-EB3A937EF192}" = CCC Help Thai
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2BC12018-4A32-E375-FF94-4830A1A9BD17}" = Catalyst Control Center Graphics Previews Common
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
"{3256C48C-78D0-4FC6-A0F5-81ADF3A9D7D4}" = AVG 2013
"{3A7CEF01-FB6E-B492-0B99-E8C48B80040A}" = CCC Help English
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{47A5EFF0-3A7F-934F-C778-C7E6C8EBE497}" = ATI Catalyst Install Manager
"{48BB3836-2F6F-B8F5-D5B4-106903E92F2F}" = Catalyst Control Center Localization All
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A051E47-6E50-437E-9E22-B5A2EBD3F8E3}" = compasX 19.1
"{4B5CB1BC-6D47-B0DA-9C22-1546F98A954F}" = CCC Help German
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{4FA7C6E9-21D7-CFE5-E111-0ADD6DE0D49E}" = CCC Help Swedish
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5B87B431-0A03-4602-66E5-D6E84AACF15D}" = ccc-core-static
"{5D21244C-75F4-4204-8B60-5DE662A245F1}" = CCC Help Finnish
"{5D412B61-F3A7-42C6-9C07-29BBD3D442B1}" = AVG 2013
"{63218538-4A69-497F-8455-904261B0E9E4}" = CorelDRAW Graphics Suite X3
"{647FDE6A-C7D5-D8AD-BCB6-3A69FC95C264}" = CCC Help Japanese
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65739FA2-0444-4AB2-B598-872406539EBD}" = pdfforge Toolbar v6.6
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71972D00-4596-11E2-B6EA-B8AC6F97B88E}" = Google Earth Plug-in
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7447DBD6-E712-B7FD-3E1B-C82929E3DC94}" = Catalyst Control Center InstallProxy
"{744F505A-D627-E778-6724-EE7C70F49789}" = CCC Help Turkish
"{77117A63-E036-9CBC-88AA-EA11FFDE706C}" = CCC Help Danish
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1" = Mouse Recorder Pro 2.0.7.4
"{8CC68433-5837-4075-B81F-EA7E4F14CE60}" = iCloud
"{8F1B38D1-A6CC-982A-158E-A8B97EB5A5D4}" = ccc-utility
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90FD66ED-BF27-2513-2D4C-5FA5EEA239C6}" = CCC Help Hungarian
"{9190F5FB-B316-10E8-56A9-695110CAB551}" = CCC Help Spanish
"{969F1D08-6246-2BAA-A4F8-4C2B291078DF}" = CCC Help Greek
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7172F1-66F1-603F-7E54-35EBB9F6E2EC}" = dLAN Cockpit
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8142BB-8AD4-A3F3-4191-CE02A9E5BFAB}" = CCC Help French
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF399570-0FB0-122E-0C35-849F15AFAB19}" = Application Profiles
"{B0933BBC-1A09-146A-C40A-BD5C1294749C}" = AMD Drag and Drop Transcoding
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B202B201-5D15-4CA7-A978-047AB4A28960}" = PE-DESIGN Ver.6
"{B28F4C9C-8348-4B52-BB95-F8FAC95A8325}" = PCTV Package - Windows Media Center
"{B42BC17B-B545-E379-96E4-8709AB86034A}" = CCC Help Dutch
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B80BE2E3-EA77-53D4-7A56-C53D452E6D50}" = HydraVision
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51
"{BA02FAF3-7AEE-4B07-A7F8-5AF7F81EB940}" = DRAWings X3
"{BCCC97EE-E162-448C-8847-59718FF29B04}" = Intel(R) Network Connections 15.6.25.0
"{BF5B8A54-EE1E-B221-4C1E-4D9E5E93D7A6}" = CCC Help Chinese Traditional
"{C1548201-53B0-EB9E-B662-D3E48406AF50}" = CCC Help Czech
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C7132F71-289A-4111-A9A9-1DD28C7B80A7}" = TVCenter
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C7D2B6FB-A766-DAFB-3536-8219ED98EF5F}" = CCC Help Norwegian
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{C9FB6FFC-B3D2-4AA0-AC05-73DB7796B638}" = DE
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC71BB44-D345-7591-D61B-9233464D6326}" = CCC Help Portuguese
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D1D40FB8-4DF3-8AC7-DB80-5030D6BD7E5F}" = CCC Help Korean
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D554EA85-E14F-A09E-BF72-360CDC8C73F5}" = CCC Help Chinese Standard
"{D903B6D5-B5E7-261E-F5F7-8784A1EC43EF}" = CCC Help Polish
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FC73D9BE-30BC-1BBF-3E7F-57F37E96AFEB}" = Catalyst Control Center Graphics Previews Vista
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Aiseesoft iPad Converter Suite_is1" = Aiseesoft iPad Converter Suite
"Any Video Converter Ultimate_is1" = Any Video Converter Ultimate 4.3.7
"AnyDVD" = AnyDVD
"AVG" = AVG 2013
"AVGo Media Recorder_is1" = AVGo Media Recorder 1.10
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"BabylonToolbar" = Babylon toolbar on IE
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"DAEMON Tools Lite" = DAEMON Tools Lite
"dlancockpit" = devolo dLAN Cockpit
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.3.0
"EPSON Scanner" = EPSON Scan
"ffdshow_is1" = ffdshow v1.1.4305 [2012-02-05]
"Free DVD Video Converter_is1" = Free DVD Video Converter version 1.5.15.602
"Free iPad Video Converter_is1" = Free iPad Video Converter 3.7.2.1
"Free Studio_is1" = Free Studio version 5.3.5
"Free Video to AppleTV Converter_is1" = Free Video to AppleTV Converter version 2.3.3.920
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box
"FTP Commander" = FTP Commander
"HaaliMkx" = Haali Media Splitter
"iCopy" = iCopy
"ImgBurn" = ImgBurn
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"IrfanView" = IrfanView (remove only)
"Junction Link Magic_is1" = Junction Link Magic 2.0
"MagniDriver" = marvell 91xx console driver
"MakeMKV" = MakeMKV v1.7.9
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP4 Cutter_is1" = MP4 Cutter 1.0
"PROSetDX" = Intel(R) Network Connections 15.6.25.0
"SX Virtual Link" = SX Virtual Link
"Synology Assistant" = Synology Assistant (remove only)
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.11
"vShare.tv plugin" = vShare.tv plugin 1.3
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2180860846-1555781176-264122612-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f018cf21c0452c64" = FRITZ!Box USB-Fernanschluss
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.12.2012 20:42:04 | Computer Name = OOOOO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
Files\Spigot\Search Settings\SearchSettings64.exe". Die abhängige Assemblierung
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 24.12.2012 18:10:13 | Computer Name = OOOOO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 17.0.1.4715,
Zeitstempel: 0x50b71a4b Name des fehlerhaften Moduls: xul.dll, Version: 17.0.1.4715,
Zeitstempel: 0x50b7198b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00144ed8 ID des fehlerhaften
Prozesses: 0x16ac Startzeit der fehlerhaften Anwendung: 0x01cde152e542c60a Pfad der
fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe Pfad des fehlerhaften
Moduls: C:\Program Files\Mozilla Firefox\xul.dll Berichtskennung: b0203091-4e16-11e2-88e5-009081d691a5
Error - 24.12.2012 18:26:26 | Computer Name = OOOOO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7600.16667,
Zeitstempel: 0x4c7dc5a1 Name des fehlerhaften Moduls: MatroskaDX.ax, Version: 1.0.2.9,
Zeitstempel: 0x4411e62f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000fe36 ID des fehlerhaften
Prozesses: 0x1a98 Startzeit der fehlerhaften Anwendung: 0x01cde225b4a22fa1 Pfad der
fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmplayer.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\MatroskaDX.ax Berichtskennung: f3dd8650-4e18-11e2-88e5-009081d691a5
Error - 24.12.2012 18:26:33 | Computer Name = OOOOO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7600.16667,
Zeitstempel: 0x4c7dc5a1 Name des fehlerhaften Moduls: MatroskaDX.ax, Version: 1.0.2.9,
Zeitstempel: 0x4411e62f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00003aac ID des fehlerhaften
Prozesses: 0x1db0 Startzeit der fehlerhaften Anwendung: 0x01cde225b91578ef Pfad der
fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmplayer.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\MatroskaDX.ax Berichtskennung: f857d499-4e18-11e2-88e5-009081d691a5
Error - 24.12.2012 18:26:37 | Computer Name = OOOOO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7600.16667,
Zeitstempel: 0x4c7dc5a1 Name des fehlerhaften Moduls: MatroskaDX.ax, Version: 1.0.2.9,
Zeitstempel: 0x4411e62f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00003aac ID des fehlerhaften
Prozesses: 0x6b0 Startzeit der fehlerhaften Anwendung: 0x01cde225bc888c8d Pfad der
fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmplayer.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\MatroskaDX.ax Berichtskennung: fa89ff14-4e18-11e2-88e5-009081d691a5
Error - 24.12.2012 18:30:24 | Computer Name = OOOOO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: makemkvcon.exe, Version: 1.7.9.0,
Zeitstempel: 0x50972580 Name des fehlerhaften Moduls: makemkvcon.exe, Version: 1.7.9.0,
Zeitstempel: 0x50972580 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000a827 ID des fehlerhaften
Prozesses: 0x15f4 Startzeit der fehlerhaften Anwendung: 0x01cde1619850c7f2 Pfad der
fehlerhaften Anwendung: C:\Program Files\MakeMKV\makemkvcon.exe Pfad des fehlerhaften
Moduls: C:\Program Files\MakeMKV\makemkvcon.exe Berichtskennung: 81bbfa4a-4e19-11e2-88e5-009081d691a5
Error - 27.12.2012 09:20:31 | Computer Name = OOOOO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Embedit.exe, Version: 6.0.0.1, Zeitstempel:
0x40fef1df Name des fehlerhaften Moduls: CardIO.dll, Version: 3.0.0.2, Zeitstempel:
0x40fef18a Ausnahmecode: 0x80000003 Fehleroffset: 0x000019b4 ID des fehlerhaften Prozesses:
0xaf0 Startzeit der fehlerhaften Anwendung: 0x01cde434e7b7385f Pfad der fehlerhaften
Anwendung: C:\Program Files\Brother\PE-DESIGN Ver6\Embedit.exe Pfad des fehlerhaften
Moduls: C:\Program Files\Brother\PE-DESIGN Ver6\CardIO.dll Berichtskennung: 2ff16567-5028-11e2-ba69-009081d691a5
Error - 27.12.2012 12:18:01 | Computer Name = OOOOO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: rundll32.exe_shell32.dll, Version:
6.1.7600.16385, Zeitstempel: 0x4a5bc637 Name des fehlerhaften Moduls: unknown, Version:
0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x060ef568
ID
des fehlerhaften Prozesses: 0x1f64 Startzeit der fehlerhaften Anwendung: 0x01cde44d6f55e4ed
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\rundll32.exe Pfad des fehlerhaften
Moduls: unknown Berichtskennung: fbb86f75-5040-11e2-ba69-009081d691a5
Error - 28.12.2012 15:55:13 | Computer Name = OOOOO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7600.16768,
Zeitstempel: 0x4d6878c3 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x053cfc7c ID des fehlerhaften
Prozesses: 0x1a8c Startzeit der fehlerhaften Anwendung: 0x01cde534a992042a Pfad der
fehlerhaften Anwendung: C:\Windows\explorer.exe Pfad des fehlerhaften Moduls: unknown
Berichtskennung:
7ddba9fa-5128-11e2-ba69-009081d691a5
Error - 28.12.2012 16:21:43 | Computer Name = OOOOO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: PDFXCview.exe, Version: 2.0.44.0,
Zeitstempel: 0x4b3b9080 Name des fehlerhaften Moduls: PDFXCview.exe, Version: 2.0.44.0,
Zeitstempel: 0x4b3b9080 Ausnahmecode: 0xc0000005 Fehleroffset: 0x004873f5 ID des fehlerhaften
Prozesses: 0x16e8 Startzeit der fehlerhaften Anwendung: 0x01cde534ef2860f5 Pfad der
fehlerhaften Anwendung: I:\Windows.old\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe
Pfad
des fehlerhaften Moduls: I:\Windows.old\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe
Berichtskennung:
3184a4cf-512c-11e2-ba69-009081d691a5
[ DRAWings Events ]
Error - 30.10.2012 18:43:57 | Computer Name = OOOOO | Source = DRAWingsApp | ID = 4001
Description = CBU key not attached
Error - 30.10.2012 18:45:35 | Computer Name = OOOOO | Source = DRAWingsApp | ID = 4001
Description = CBU key not attached
Error - 30.10.2012 18:47:17 | Computer Name = OOOOO | Source = DRAWingsApp | ID = 4001
Description = CBU key not attached
Error - 23.11.2012 18:37:22 | Computer Name = OOOOO | Source = DRAWingsApp | ID = 4003
Description = Last exception was unhandled.
Error - 16.12.2012 18:40:41 | Computer Name = OOOOO | Source = DRAWingsApp | ID = 4003
Description = Last exception was unhandled.
[ Media Center Events ]
Error - 28.03.2012 17:36:44 | Computer Name = OOOOO | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0x80070001) PCTV 100e/150e
WDM TVTuner
Error - 16.05.2012 17:00:42 | Computer Name = OOOOO | Source = MCUpdate | ID = 0
Description = 23:00:42 - Directory konnte nicht abgerufen werden (Fehler: Timeout
für Vorgang überschritten)
Error - 16.05.2012 17:04:02 | Computer Name = OOOOO | Source = MCUpdate | ID = 0
Description = 23:04:02 - MCESpotlight konnte nicht abgerufen werden (Fehler: Timeout
für Vorgang überschritten)
Error - 16.05.2012 17:09:43 | Computer Name = OOOOO | Source = MCUpdate | ID = 0
Description = 23:08:03 - Broadband konnte nicht abgerufen werden (Fehler: Timeout
für Vorgang überschritten)
Error - 16.05.2012 17:11:25 | Computer Name = OOOOO | Source = MCUpdate | ID = 0
Description = 23:11:23 - EpgListings konnte nicht abgerufen werden (Fehler: Timeout
für Vorgang überschritten)
[ System Events ]
Error - 23.12.2012 16:43:46 | Computer Name = OOOOO | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 23.12.2012 16:43:46 | Computer Name = OOOOO | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 23.12.2012 21:42:21 | Computer Name = OOOOO | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 25.12.2012 04:20:22 | Computer Name = OOOOO | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 25.12.2012 21:17:05 | Computer Name = OOOOO | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 27.12.2012 02:45:02 | Computer Name = OOOOO | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 27.12.2012 02:45:05 | Computer Name = OOOOO | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 29.12.2012 16:47:15 | Computer Name = OOOOO | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 29.12.2012 16:47:18 | Computer Name = OOOOO | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 29.12.2012 18:27:49 | Computer Name = OOOOO | Source = VDS Basic Provider | ID = 33554433
Description =
< End of report >
--- --- --- |
AdwCleaner auf deinen Desktop.