SirSpeedy | 24.08.2010 13:47 | Hallo,
Ich habe noch ein paar mal mit Malwarebytes gescannt, es wurden immer weniger Viren, jedoch war zuletzt AntimalwareDoctor noch drauf.
Hier sind die Logs von OTL:
OTL.txt
OTL Logfile: Code:
OTL logfile created on: 24/08/2010 14:37:35 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Joseph\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 0000046E | Country: Luxembourg | Language: LBX | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,99 Gb Total Space | 1,56 Gb Free Space | 3,00% Space Free | Partition Type: NTFS
Drive D: | 51,98 Gb Total Space | 34,64 Gb Free Space | 66,65% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Joseph\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\WhatPulse\WhatPulse.exe (WhatPulse.org)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
PRC - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eNet\eNMTray.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Acer Inc.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
========== Modules (SafeList) ==========
MOD - C:\Users\Joseph\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\odbc32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\mfc42.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\System32\odbcint.dll (Microsoft Corporation)
MOD - C:\Acer\Empowering Technology\ePower\SysHook.dll ()
========== Win32 Services (SafeList) ==========
SRV - (LiveUpdate Notice Ex) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (CLTNetCnService) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30128_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS) -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
SRV - (MSSQLServerADHelper100) -- C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (LVSrvLauncher) -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (WisLMSvc) -- C:\Program Files\Launch Manager\WisLMSvc.exe (Wistron Corp.)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
========== Driver Services (SafeList) ==========
DRV - (WisINT15) -- C:\Elements\1stboot\WisINT15.SYS File not found
DRV - (o1394bul) -- C:\Users\Joseph\AppData\Local\Temp\o1394bul.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (LGVMODEM) -- C:\Windows\System32\drivers\lgvmodem.sys (LG Electronics Inc.)
DRV - (LgBttPort) -- C:\Windows\System32\drivers\lgbtport.sys (LG Electronics Inc.)
DRV - (lgbusenum) -- C:\Windows\System32\drivers\lgbtbus.sys (LG Electronics Inc.)
DRV - (FlashUSB) -- C:\Windows\System32\drivers\FlashUsb.sys (Danish Wireless Design A/S)
DRV - (atapi) -- C:\Windows\system32\drivers\atapi.sys ()
DRV - (WINUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (RsFx0102) -- C:\Windows\System32\drivers\RsFx0102.sys (Microsoft Corporation)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (mod7700) -- C:\Windows\System32\drivers\mod7700.sys (DiBcom SA)
DRV - (fwlanusbn) -- C:\Windows\System32\drivers\fwlanusbn.sys (AVM GmbH)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (MODRC) -- C:\Windows\System32\drivers\modrc.sys (DiBcom S.A.)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (HiTRUST)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (LVMVDrv) -- C:\Windows\System32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (lv321av) Logitech USB PC Camera (VC0321) -- C:\Windows\System32\drivers\lv321av.sys (Logitech Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (GTPTSER) -- C:\Windows\System32\drivers\gtptser.sys (Option N.V.)
DRV - (GTSCSER) -- C:\Windows\System32\drivers\gtscser.sys (Option N.V.)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (PSDNServ) -- C:\Windows\system32\drivers\PSDNServ.sys (HiTRUST)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (psdvdisk) -- C:\Windows\system32\drivers\psdvdisk.sys (HiTRUST)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (GTF32BUS) -- C:\Windows\System32\drivers\gtf32bus.sys (Option N.V.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys ()
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmHidLo) -- C:\Windows\System32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (tt) -- C:\Windows\System32\drivers\owonhdsusb.sys (zhangzhou lilliput optoelectronics institute co.,ltd.)
DRV - (CLEDX) -- C:\Windows\System32\drivers\cledx.sys (Team H2O)
DRV - (TIEHDUSB) -- C:\Windows\System32\drivers\tiehdusb.sys (Texas Instruments Incorporated)
DRV - (SilverLink) Texas Instruments SilverLink (USB GraphLink) -- C:\Windows\System32\drivers\SilvrLnk.sys (Texas Instruments Incorporated)
DRV - (Hotkey) -- C:\Windows\System32\drivers\HOTKEY.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://en.us.acer.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://en.us.acer.yahoo.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/17 13:59:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/17 13:59:24 | 000,000,000 | ---D | M]
[2010/08/24 12:56:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/20 15:38:59 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/08/17 13:59:13 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/08/17 13:59:13 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/08/17 13:59:13 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/08/17 13:59:13 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/08/17 13:59:13 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Acer Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe (WhatPulse.org)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} hxxp://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/icaweb-20070115.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.238.104.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/05 07:09:57 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{10c2dfa2-c883-11dd-b3e3-d366d30766de}\Shell - "" = AutoRun
O33 - MountPoints2\{10c2dfa2-c883-11dd-b3e3-d366d30766de}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found
O33 - MountPoints2\{15b5525c-735b-11dd-becc-0018ded2c45d}\Shell - "" = AutoRun
O33 - MountPoints2\{15b5525c-735b-11dd-becc-0018ded2c45d}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{15b55269-735b-11dd-becc-0018ded2c45d}\Shell - "" = AutoRun
O33 - MountPoints2\{15b55269-735b-11dd-becc-0018ded2c45d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{45406dd4-299e-11dd-8898-0016d350e09a}\Shell - "" = AutoRun
O33 - MountPoints2\{45406dd4-299e-11dd-8898-0016d350e09a}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{5396b090-56b7-11df-97bc-0016d350e09a}\Shell - "" = AutoRun
O33 - MountPoints2\{5396b090-56b7-11df-97bc-0016d350e09a}\Shell\AutoRun\command - "" = E:\USBAutoRun.exe -- File not found
O33 - MountPoints2\{59c72d8a-78f4-11dd-bc82-0018ded2c45d}\Shell - "" = AutoRun
O33 - MountPoints2\{59c72d8a-78f4-11dd-bc82-0018ded2c45d}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{59c72d8b-78f4-11dd-bc82-0018ded2c45d}\Shell - "" = AutoRun
O33 - MountPoints2\{59c72d8b-78f4-11dd-bc82-0018ded2c45d}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{60275abe-d791-11dd-a196-0018ded2c45d}\Shell - "" = AutoRun
O33 - MountPoints2\{60275abe-d791-11dd-a196-0018ded2c45d}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{8b52639e-1163-11de-8750-0018ded2c45d}\Shell - "" = AutoRun
O33 - MountPoints2\{8b52639e-1163-11de-8750-0018ded2c45d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{8b5263b7-1163-11de-8750-0016cfec2a79}\Shell - "" = AutoRun
O33 - MountPoints2\{8b5263b7-1163-11de-8750-0016cfec2a79}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{c2074f8a-2b38-11dd-ac44-0018ded2c45d}\Shell - "" = AutoRun
O33 - MountPoints2\{c2074f8a-2b38-11dd-ac44-0018ded2c45d}\Shell\AutoRun\command - "" = H:\Autorun.exe -- File not found
O33 - MountPoints2\{cb7f1025-140d-11df-a763-0016d350e09a}\Shell - "" = AutoRun
O33 - MountPoints2\{cb7f1025-140d-11df-a763-0016d350e09a}\Shell\AutoRun\command - "" = E:\pushinst.exe -- File not found
O33 - MountPoints2\{cbb16de2-c937-11de-a475-0016d350e09a}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{d7a81d20-d78a-11dd-b609-0016d350e09a}\Shell\AutoRun\command - "" = I:\StartPortableApps.exe -- File not found
O33 - MountPoints2\{da348e4c-d2a0-11dd-b929-0016cfec2a79}\Shell - "" = AutoRun
O33 - MountPoints2\{da348e4c-d2a0-11dd-b929-0016cfec2a79}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{da348e4d-d2a0-11dd-b929-0016cfec2a79}\Shell - "" = AutoRun
O33 - MountPoints2\{da348e4d-d2a0-11dd-b929-0016cfec2a79}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{e41ab5b4-7448-11dd-ab4b-0018ded2c45d}\Shell - "" = AutoRun
O33 - MountPoints2\{e41ab5b4-7448-11dd-ab4b-0018ded2c45d}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{e41ab5b6-7448-11dd-ab4b-0018ded2c45d}\Shell - "" = AutoRun
O33 - MountPoints2\{e41ab5b6-7448-11dd-ab4b-0018ded2c45d}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{e98a54ab-6ddb-11dd-af63-0016d350e09a}\Shell - "" = AutoRun
O33 - MountPoints2\{e98a54ab-6ddb-11dd-af63-0016d350e09a}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/08/22 22:24:10 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Unity
[2010/08/20 21:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ReleaseEngineer.MACROVISION\Application Data\skypePM
[2010/08/20 15:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/08/20 15:38:30 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/08/20 12:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/08/20 12:29:45 | 000,000,000 | ---D | C] -- C:\rsit
[2010/08/20 12:12:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/08/20 00:58:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/08/20 00:58:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/08/20 00:58:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/20 00:38:26 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\byinmycbf
[2010/08/20 00:38:11 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Windows Server
[2010/08/18 13:35:23 | 000,000,000 | ---D | C] -- C:\Program Files\OWON
[2010/08/18 13:33:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\OWONInstruments
[2010/08/13 15:26:05 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/08/13 15:26:05 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/08/13 15:26:04 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/08/13 15:26:04 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/08/13 15:26:04 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/08/13 15:26:04 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/08/13 15:26:04 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/08/13 15:26:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/08/13 15:26:03 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/08/13 15:26:03 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/08/13 15:26:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/08/13 15:26:03 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/08/13 15:26:03 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/08/13 15:26:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/08/13 15:26:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/08/13 15:25:59 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010/08/13 15:25:46 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/08/13 15:25:41 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/08/13 15:25:23 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/08/13 15:25:22 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/07/29 19:03:21 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Vacances
[2006/12/05 10:51:16 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/08/24 14:39:13 | 003,932,160 | -HS- | M] () -- C:\Users\Joseph\NTUSER.DAT
[2010/08/24 14:34:05 | 002,630,208 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/24 14:34:05 | 001,927,788 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/24 14:34:05 | 000,007,006 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/24 14:31:31 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/08/24 14:28:52 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/24 14:28:52 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/24 14:28:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/24 14:28:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/24 14:26:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/08/24 14:26:27 | 000,524,288 | -HS- | M] () -- C:\Users\Joseph\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/08/24 14:26:27 | 000,065,536 | -HS- | M] () -- C:\Users\Joseph\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/08/24 14:26:25 | 006,291,456 | -H-- | M] () -- C:\Users\Joseph\AppData\Local\IconCache.db
[2010/08/24 13:50:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4033196447-1890306390-1010895685-1000UA.job
[2010/08/24 13:50:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4033196447-1890306390-1010895685-1000Core.job
[2010/08/24 12:49:18 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E5145A7A-AF08-4E7E-AAB9-74C047D56293}.job
[2010/08/20 21:04:50 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2010/08/20 15:38:31 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/08/20 12:25:59 | 000,294,412 | ---- | M] () -- C:\Users\Joseph\Documents\cc_20100820_122539.reg
[2010/08/20 12:22:21 | 000,000,638 | ---- | M] () -- C:\Users\Joseph\Desktop\CCleaner.lnk
[2010/08/20 00:58:20 | 000,000,624 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/20 00:38:17 | 000,000,005 | ---- | M] () -- C:\zrpt.xml
[2010/08/15 14:01:47 | 000,316,888 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/06 18:07:59 | 000,002,255 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/08/20 21:04:50 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/08/20 15:38:31 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/08/20 12:25:45 | 000,294,412 | ---- | C] () -- C:\Users\Joseph\Documents\cc_20100820_122539.reg
[2010/08/20 12:22:21 | 000,000,638 | ---- | C] () -- C:\Users\Joseph\Desktop\CCleaner.lnk
[2010/08/20 00:58:20 | 000,000,624 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/20 00:38:16 | 000,000,005 | ---- | C] () -- C:\zrpt.xml
[2010/05/03 18:19:02 | 000,221,291 | ---- | C] () -- C:\Windows\Imei_dll.dll
[2010/05/03 18:19:02 | 000,040,960 | ---- | C] () -- C:\Windows\Sublock.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/02/22 17:34:49 | 000,008,398 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2010/02/18 15:57:58 | 000,000,106 | ---- | C] () -- C:\Windows\codelaro.ini
[2009/08/17 13:46:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/17 13:45:51 | 000,019,944 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/31 15:19:18 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2009/07/31 15:19:18 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2009/07/31 12:32:33 | 000,000,085 | ---- | C] () -- C:\Windows\Realflight.INI
[2009/07/31 12:29:31 | 000,000,248 | ---- | C] () -- C:\Windows\emug3.ini
[2009/07/26 15:08:06 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2008/10/05 19:57:21 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008/08/13 00:07:34 | 000,042,320 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2008/05/24 16:31:08 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2007/12/02 12:38:36 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/11/06 00:06:39 | 000,000,680 | ---- | C] () -- C:\Users\Joseph\AppData\Local\d3d9caps.dat
[2007/10/11 20:25:45 | 000,049,152 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2007/10/11 20:21:42 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007/10/11 20:20:15 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007/04/05 15:46:34 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2007/03/29 23:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007/02/07 12:19:38 | 000,041,472 | ---- | C] () -- C:\Users\Joseph\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/04 11:18:47 | 000,042,594 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2007/02/03 03:56:21 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/02/03 03:56:21 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/02/03 03:55:03 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007/02/03 03:54:20 | 000,009,867 | ---- | C] () -- C:\Windows\System32\drivers\HOTKEY.sys
[2007/02/03 03:47:51 | 000,000,037 | ---- | C] () -- C:\Windows\Acer.ini
[2007/01/22 20:22:36 | 000,055,034 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2007/01/02 18:54:14 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/01/02 18:53:54 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/01/02 18:53:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/01/02 18:52:40 | 000,037,376 | ---- | C] () -- C:\Windows\System32\MSNChatHook.dll
[2007/01/02 18:52:28 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/01/02 18:52:26 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/01/02 18:52:18 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 15:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/12/05 14:15:30 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2006/12/05 13:58:20 | 000,743,424 | R--- | C] () -- C:\Windows\libxml2.dll
[2006/12/05 13:56:37 | 000,872,448 | R--- | C] () -- C:\Windows\iconv.dll
[2006/12/05 10:51:17 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2006/12/05 07:10:14 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2006/12/05 07:09:00 | 000,198,144 | ---- | C] () -- C:\Windows\System32\_psisdecd.dll
[2006/12/02 20:32:24 | 000,000,042 | ---- | C] () -- C:\Windows\PreLaunch.ini
[2006/12/02 20:32:23 | 000,204,800 | ---- | C] () -- C:\Windows\Capsule.dll
[2006/12/02 20:32:22 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/03 18:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2002/02/27 18:50:00 | 000,197,120 | ---- | C] () -- C:\Windows\System32\patchw32.dll
[2001/12/27 01:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/09/04 08:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/31 01:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 07:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
< End of report > --- --- ---
So wie:
Extras.txt
OTL Logfile: Code:
OTL Extras logfile created on: 24/08/2010 14:37:35 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Joseph\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 0000046E | Country: Luxembourg | Language: LBX | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,99 Gb Total Space | 1,56 Gb Free Space | 3,00% Space Free | Partition Type: NTFS
Drive D: | 51,98 Gb Total Space | 34,64 Gb Free Space | 66,65% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09C4276F-160D-4D2D-8213-A0759707E98B}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{0A7BCE11-27FC-4324-AC84-605164ACEB07}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1250C5FE-EE34-4B01-BE33-C69CA3723E42}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1372693F-B636-4929-8AF5-C81B78E74C41}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{19AEAA7F-E8AF-43F0-80C2-EE3E11FFBA18}" = rport=137 | protocol=17 | dir=out | app=system |
"{1F5AF1A9-F887-41F0-9A17-6AB4B389ACEB}" = lport=445 | protocol=6 | dir=in | app=system |
"{1F6FBBA1-B7CA-44B1-AA82-25E57F1C0A8F}" = rport=445 | protocol=6 | dir=out | app=system |
"{2825FD28-644C-4178-BABA-E891581C2874}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3915AE0A-E1BF-4176-A28E-41C859B44AC5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3B317CC8-C085-43D9-83BC-5E92CAFF7B7A}" = lport=139 | protocol=6 | dir=in | app=system |
"{4E8D9EC0-0885-4C8F-90DE-1FEC701C1CAB}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{538B1A06-9051-4955-930F-15FDCEF8A673}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{58605C72-0692-4767-912D-712B8C1E5835}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5DC87C24-FF21-4D96-8947-B3FC7A65E87B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{6284B1D3-6E09-4202-8BBC-8569CAC8A98A}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{670B7933-7653-4B37-AE25-5C50E78FF65F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6BD66D0B-BFD8-4752-A3BC-076B49E44D1F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{769F4F47-AF56-4F2C-8A54-66547A68A081}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8405E434-0643-4531-956B-FA1BF2DD4F10}" = lport=2869 | protocol=6 | dir=in | app=system |
"{87804F9E-2E25-4757-A038-C9F1F5F15330}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{92F52F82-A746-4018-8CD3-36D5D9AF4FD3}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{99BE4BF5-FC3E-4B63-8A01-2A4CD3027D51}" = lport=138 | protocol=17 | dir=in | app=system |
"{9C78A943-8ED6-4BBC-B219-5354AC652851}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A6404B2F-E858-4B23-838A-2DF95AEFCC92}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B05567B8-C44A-4231-96EF-90D185FD3E03}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B27D00F1-8108-45BE-A17F-2F43D3C61A1B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{B2CF5380-E5CE-4C7A-9EC7-534DA233F9F2}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BC25F39F-B7A3-4AA1-B59F-7276C843106E}" = rport=138 | protocol=17 | dir=out | app=system |
"{C07BB437-79E0-431B-B773-BE7556050C4E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C4C45A09-4E4D-4F22-92D4-5FB8DEC42F8C}" = rport=139 | protocol=6 | dir=out | app=system |
"{CC335801-70AE-4B27-81D9-0EDDE14FA734}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{DD624100-27BA-4D24-9608-9CFA4C2906EB}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DF3F3A8C-7B44-4E21-9076-4C41D5B8557F}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DFBF39FD-A1B9-4C3F-9527-896D5C79D485}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{E3A69D1E-1E50-4B42-8699-BC883EABB7E7}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E41E513D-6E03-49FF-B005-65D633680E95}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E5633B34-EBE6-4F4F-93ED-0F54DED8DC3C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EB767FCF-839A-4C21-8506-09A225C989B3}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{EC64E1C4-B5C8-4980-A9D8-16047C2902D9}" = lport=137 | protocol=17 | dir=in | app=system |
"{ED9BEAB6-1822-47CE-8CE0-2FBC78CEB427}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F181EC19-C28F-4844-90C5-D8827A4B24F3}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{FA7F956A-F9CB-4138-B128-3754B6C63EE7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FCB8ECB1-F528-4C4F-84D3-0F406B46A627}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E8BBAE-E14F-4975-8148-D32FA50F042F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0A5EF2F5-ECD1-4B4F-8240-8623B0D6DD0B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0FBB531F-1DBE-49C5-9A29-CDF3831779CD}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{11662FEA-1555-4549-9901-F2C7F2AC6CE8}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{1739D1BD-DE3D-4D3E-BF5E-C3DECC6805CC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{18920867-ECAB-41D4-B4D5-21FB52F58176}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1EE69DFA-CCC7-4464-9369-B93E3A6E94C9}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{23A2E8D0-5B84-48B9-8E54-91DC9194DFED}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe |
"{29F9CCAA-8D6D-44FA-BC22-C917CDD4E7BC}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2BB5AE51-031F-4FA5-BE5F-DBE0E2339811}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2C5C772F-A4B8-48BC-A31A-ABE01E9301C9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{31C0F322-59E4-4ADC-A18B-4B9C08A44C1D}" = protocol=17 | dir=in | app=c:\program files\cyanide\radsportmanager pro 2005-2006\cym2005.exe |
"{39D78FF7-598A-4ED3-AC7E-7FA0CCF5C0A8}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"{3A1D3130-860E-48C1-A25B-5D83A10ED4FE}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{3BAD6A77-C3D3-49BC-933D-1F708A1E67A7}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{3C9AD040-A26F-433E-A884-C1423A3C58A1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4058AF9D-356C-4A93-908A-4F414CA1F08E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{481C4CD2-34F2-413A-A88F-A405186A1E6C}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe |
"{4AB8B68C-5E27-4979-B92B-C68EFB9C5122}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{53636527-7C75-4C43-B311-9A42882C6230}" = protocol=6 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\mce deluxe suite.exe |
"{54005500-71F5-426B-8D42-A9FF4DB0A5F7}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{575B28A3-9E3E-4DDB-AE1C-BB100AB83FB6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{57B5071C-4DA5-4AE1-A365-AA1EDCFA3EC5}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5AD54DFE-3029-4048-AA7F-D4E8DABF50BB}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5BA23281-3480-48D5-A305-F61F2B43549E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5CBDE346-16CB-4EED-8561-88383FC984C8}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{645E776A-B8DD-4AE4-B2C7-ED84DD361222}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{6FA17350-2CE5-4CD9-9149-39F992E37D07}" = protocol=6 | dir=in | app=c:\program files\cyanide\radsportmanager pro 2005-2006\cym2005.exe |
"{72E15782-3ACD-44D9-A1C0-54764469D675}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{778702ED-6EB9-4A81-8241-74285B7A390F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{79D699F6-0F97-4E3C-B656-4BF471C84BDE}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{7A98E19B-F677-4EF7-B8B6-57242C15CF2E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8131E75F-120D-47A3-8905-95FB36259892}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{839A66A7-48AA-4BF4-81AC-46F838090879}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8D9BEFF7-CAF5-44C3-A125-82B04838D422}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{963F7B8C-6DF7-4B2A-A8A0-E8E742CA186D}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe |
"{97E18E7B-AF40-4B75-8ED4-2FECAD8C7F4E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9D822A95-9482-4CA5-BAFC-80444D4991E5}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"{9FCE865E-1CC8-4EE5-AA64-F9EC371EDB85}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AE72EB08-6E5D-4967-BEF4-E9F30BA443BB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B0B2546F-223C-4710-8352-63E7AEEBF51F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B41AF908-9291-4118-9911-FAC860436E09}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B466DF3E-157F-4AD8-B71B-C4A732856972}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B4B37CE5-54D7-4502-844A-A5BA38A7570A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B9B35BC5-A721-4B0D-AB4B-6345014D37F9}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe |
"{C1DD537B-9350-49C1-9889-9348E2CFD2B6}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C652FF59-B4AD-4248-B300-EC0C1C6427BD}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{C68D5627-1E00-42DC-933C-5F1A379D1BE7}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{CD65B743-AC5A-4C3D-8D6E-BD95598C2B65}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D28E2822-9744-47B5-A5FC-B793DE313B40}" = protocol=17 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\mce deluxe suite.exe |
"{D75908BF-4898-4A45-8BF9-0C56F80AC29C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DD45D1C1-DE57-4A67-B044-114A23B30095}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EA3B351B-8289-44E6-A034-792682A93011}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F0CB7336-D76B-4845-9D7E-2441789E3D03}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F60C73CC-0FA1-481F-847B-0B53198C9226}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FD177EAA-89D1-49D8-82AC-485EF18A875C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{0AFC9710-5DD6-4C6A-BA52-91AE992B2C9D}" = Safari
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{0F79C1B2-36B2-4B62-8221-42721CF54638}" = Acer OrbiCam Application
"{1048B0D2-BAF6-4080-A3C5-2879026FCBF4}" = HdsSetup
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{13AA6556-BA96-4468-A8B4-1AD4A75AD5A0}" = Logitech Gaming Software
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}" = PC Connectivity Solution
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{223E6BB9-6602-4ee4-A964-1B3EFD3C5B80}" = Canon MP130
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28D1D5CE-45D6-4208-8B87-C752B5BC1E3B}" = Vodafone Mobile Connect
"{2D84D8F3-0499-4CC5-98A2-F9D5F31308DB}" = FIFA 2002
"{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{471A9640-39F8-11D5-A07F-005004F915E3}" = Microsoft Games Pocket Pak for Pocket PC
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{619B8475-0F48-41B7-A370-5147F7092989}" = Virtual Earth 3D (Beta)
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3C6846-CDB6-418F-8FDB-DA21FE064F86}" = YAMAHA Musicsoft Downloader 5
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F45E76-E897-42CA-A9FE-5F56817D875C}" = Locomotion
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7CDA2B02-E0A4-4EB5-8533-050D535BA43A}" = Media Converter for Philips
"{80FD852F-5AAC-4129-B931-06AAFFA43138}" = iTunes
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83C03FBE-4492-4133-BBAB-421CD88ADA32}" = OpenOffice.org 2.3
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A6AD979-8170-49ED-8529-14174317B281}" = SA60xx Device Manager
"{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}" = AeroFly Professional Deluxe (inkl. Add-On 1)
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{90CA713A-5D86-40DF-9C29-C284497D3B5F}" = MioMap v3 Updater for PDA
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}" = Nokia PC Suite
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{AEEAE013-92F1-4515-B278-139F1A692A35}" = Acer eDataSecurity Management
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B5761811-28F3-4257-B537-815C5EEF472C}" = Vodafone Mobile Connect Lite
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B8742BE5-6238-3EC0-A9B9-CD562E054A54}" = Microsoft .NET Framework 4 Client Profile
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.1.1.3
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D5A7D7AB-3093-3619-9261-74DB250ECF7B}" = Microsoft Visual C++ 2008 Express Edition with SP1 - DEU
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = LG PC Suite III deinstallieren
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E0AD8FC1-1860-33CA-9CFE-5962B91DDDEB}" = Microsoft .NET Framework 4 Extended
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F07AE5AB-516C-4CEB-A0AA-AD083B9182C6}" = TI NoteFolio Creator
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F59A3B93-6C1C-4C3E-BCC4-4897490E2963}" = LG Bluetooth Drivers
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FD71DDAA-EED9-450B-9F91-FADD43DD9CED}_is1" = ALNO AG Küchenplaner 0.96b
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"7D6D030B3D73FCCA3D4E45319380F315DFBE7A54" = Windows Driver Package - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)
"AcerOrbiCamDrv" = Acer Camera Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AutoHotkey" = AutoHotkey 1.0.48.03
"CCleaner" = CCleaner
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"EPSON Printer and Utilities" = EPSON Printer Software
"Evrsoft First Page 2006_is1" = Evrsoft First Page 2006
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt
"Google Updater" = Google Updater
"Graffiti Studio 2.0_is1" = Graffiti Studio 2.0
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"JAP" = JAP
"KSE Backgammon 2.0 (Pocket PC)" = KSE Backgammon 2.0 (Pocket PC)
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 4.2.0.42 (D)
"MAGIX Goya burnR D" = MAGIX Goya burnR 2.3.1.3 (D)
"MAGIX Music Maker Hip Hop Edition 2 D" = MAGIX Music Maker Hip Hop Edition 2 4.0.0.10 (D)
"MAGIX Music Manager 2007 D" = MAGIX Music Manager 2007 8.2.0.54 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2008 Express Edition with SP1 - DEU" = Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MP Navigator 1.1" = Canon MP Navigator 1.1
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OmniGSoft Mini-Aquabike 1.0 for Pocket PC" = OmniGSoft Mini-Aquabike 1.0 for Pocket PC
"OmniGSoft Mini-Sportsbike 1.0 for Pocket PC" = OmniGSoft Mini-Sportsbike 1.0 for Pocket PC
"OmniGSoft Mini-TransCanada 1.2 for Pocket PC" = OmniGSoft Mini-TransCanada 1.2 for Pocket PC
"PacSteamT" = PacSteamT
"RealFlightG4Pro" = RealFlight G4 R/C Simulator
"SecondLife" = SecondLife (remove only)
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"ST6UNST #1" = Bounty Hunter 2099 Pinball
"Steinberg Cubase SX v3.1.1.944" = Steinberg Cubase SX v3.1.1.944
"SUPER ©" = SUPER © Version 2008.bld.33 (Sep 2, 2008)
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosoft's License Control
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TmNationsForever_is1" = TmNationsForever Update 2010-03-15
"TmSunrise_is1" = TrackMania Sunrise Extreme 1.5.0
"TomTom HOME" = TomTom HOME 2.7.5.2014
"VLC media player" = VLC media player 1.1.0
"WhatPulse" = WhatPulse 1.6.2.1
"WinGimp-2.0_is1" = GIMP 2.4.6
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xfire" = Xfire (remove only)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"Zattoo" = Zattoo 3.2.4 Beta
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22/08/2010 16:05:26 | Computer Name = Joseph-PC | Source = LoadPerf | ID = 3012
Description =
Error - 22/08/2010 16:05:26 | Computer Name = Joseph-PC | Source = LoadPerf | ID = 3011
Description =
Error - 22/08/2010 16:30:56 | Computer Name = Joseph-PC | Source = Application Error | ID = 1000
Description = Faulting application msnmsgr.exe, version 14.0.8089.726, time stamp
0x4a6ce533, faulting module MsgPlusLive.dll, version 4.70.0.334, time stamp 0x489d9678,
exception code 0xc0000005, fault offset 0x000363a8, process id 0x1610, application
start time 0x01cb4238d98469c4.
Error - 23/08/2010 06:49:49 | Computer Name = Joseph-PC | Source = LoadPerf | ID = 3012
Description =
Error - 23/08/2010 06:49:49 | Computer Name = Joseph-PC | Source = LoadPerf | ID = 3011
Description =
Error - 23/08/2010 06:50:01 | Computer Name = Joseph-PC | Source = Google Update | ID = 20
Description =
Error - 24/08/2010 06:52:43 | Computer Name = Joseph-PC | Source = LoadPerf | ID = 3012
Description =
Error - 24/08/2010 06:52:43 | Computer Name = Joseph-PC | Source = LoadPerf | ID = 3011
Description =
Error - 24/08/2010 08:34:02 | Computer Name = Joseph-PC | Source = LoadPerf | ID = 3012
Description =
Error - 24/08/2010 08:34:02 | Computer Name = Joseph-PC | Source = LoadPerf | ID = 3011
Description =
[ Media Center Events ]
Error - 13/02/2010 12:24:56 | Computer Name = Joseph-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
[ OSession Events ]
Error - 28/12/2007 12:02:05 | Computer Name = Joseph-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5359
seconds with 4140 seconds of active time. This session ended with a crash.
Error - 15/12/2009 11:47:11 | Computer Name = Joseph-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 26
seconds with 0 seconds of active time. This session ended with a crash.
Error - 12/01/2010 13:14:58 | Computer Name = Joseph-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 12/01/2010 13:21:32 | Computer Name = Joseph-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 379
seconds with 60 seconds of active time. This session ended with a crash.
Error - 12/01/2010 13:21:56 | Computer Name = Joseph-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 12/01/2010 13:22:23 | Computer Name = Joseph-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.
Error - 12/01/2010 13:23:09 | Computer Name = Joseph-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 18/01/2010 11:40:34 | Computer Name = Joseph-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 55
seconds with 0 seconds of active time. This session ended with a crash.
Error - 18/01/2010 11:45:15 | Computer Name = Joseph-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 33
seconds with 0 seconds of active time. This session ended with a crash.
Error - 29/07/2010 13:08:29 | Computer Name = Joseph-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 446
seconds with 120 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 22/08/2010 17:38:44 | Computer Name = Joseph-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 22/08/2010 17:38:45 | Computer Name = Joseph-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 22/08/2010 17:38:46 | Computer Name = Joseph-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 22/08/2010 17:38:48 | Computer Name = Joseph-PC | Source = PlugPlayManager | ID = 12
Description = The device 'TSSTcorp CD/DVDW TS-L632D ATA Device' (IDE\CdRomTSSTcorp_CD/DVDW_TS-L632D_______________ac00____\5&214dc5be&0&1.1.0)
disappeared from the system without first being prepared for removal.
Error - 22/08/2010 17:38:47 | Computer Name = Joseph-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 22/08/2010 17:38:48 | Computer Name = Joseph-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 22/08/2010 17:38:48 | Computer Name = Joseph-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 23/08/2010 06:45:52 | Computer Name = Joseph-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 24/08/2010 06:46:34 | Computer Name = Joseph-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 24/08/2010 08:29:20 | Computer Name = Joseph-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report > --- --- ---
Gruss,
SirSpeedy |