Hier die Ergebnisse vom Scan mit OTL
1.log
OTL Logfile: Code:
OTL logfile created on: 19.11.2010 22:15:09 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Media\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 38,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 44,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 457,65 Gb Total Space | 204,07 Gb Free Space | 44,59% Space Free | Partition Type: NTFS
Drive D: | 8,11 Gb Total Space | 1,01 Gb Free Space | 12,44% Space Free | Partition Type: NTFS
Computer Name: MEDIA-PC | User Name: Media | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Media\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclIVTBTSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Common Files\Nokia\NoA\nokiaaserver.exe ()
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Programme\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe ()
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\p2phost.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\OpenOffice.org 2.3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 2.3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
PRC - C:\Programme\phonostar\ps_timer.exe (phonostar)
PRC - C:\Programme\phonostar\ps_agent.exe (phonostar)
PRC - C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.)
PRC - C:\VistaOSX09\RKLauncher.exe (RaduKing)
PRC - C:\Programme\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Windows\vsnpstd.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\Media\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\Unlocker\UnlockerHook.dll ()
MOD - C:\VistaOSX09\RKLauncher.dll (RaduKing)
========== Win32 Services (SafeList) ==========
SRV - (SNMPTRAPShellHWDetection) -- C:\Windows\System32\12520437s.exe File not found
SRV - (PNRPAutoRegWPDBusEnum) -- C:\Windows\System32\amxreadm.exe File not found
SRV - (AVK Tuner Service) -- C:\Program Files\G DATA InternetSecurity TotalCare\AVKTuner\AVKTunerService.exe File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Programme\Canon\IJPLM\ijplmsvc.exe ()
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (Boonty Games) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY)
SRV - (MySQL) -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe ()
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Remote UI Service) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
SRV - (MCLServiceATL) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
SRV - (ISSM) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel(R) Corporation)
SRV - (AlertService) Intel(R) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
SRV - (M1 Server) Intel(R) Viiv(TM) -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (IntelDHSvcConf) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe (Intel(R) Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (zlportio) -- C:\Program Files\UltraStar Deluxe\zlportio.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (VClone) -- C:\Windows\System32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (btnetBUs) -- C:\Windows\System32\drivers\btnetBus.sys ()
DRV - (IvtBtBUs) -- C:\Windows\System32\drivers\IvtBtBus.sys (IVT Corporation.)
DRV - (BtHidBus) -- C:\Windows\System32\Drivers\BtHidBus.sys (IVT Corporation.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (zebrsce) -- C:\Windows\System32\drivers\zebrsce.sys (MCCI)
DRV - (zebrmdmc) Sony Ericsson mRouter Port (WDM) -- C:\Windows\System32\drivers\zebrmdmc.sys (MCCI)
DRV - (zebrmdm) Sony Ericsson Port (WDM) -- C:\Windows\System32\drivers\zebrmdm.sys (MCCI)
DRV - (zebrmdfl) -- C:\Windows\System32\drivers\zebrmdfl.sys (MCCI Corporation)
DRV - (zebrbus) -- C:\Windows\System32\drivers\zebrbus.sys (MCCI)
DRV - (zebrceb) Sony Ericsson Cable Emulation Bus (WDM) -- C:\Windows\System32\drivers\zebrceb.sys (MCCI)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (BlueletAudio) -- C:\Windows\System32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (Btcsrusb) -- C:\Windows\System32\drivers\btcusb.sys (IVT Corporation.)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (BlueletSCOAudio) -- C:\Windows\System32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BT) -- C:\Windows\System32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\Windows\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\Windows\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\Windows\System32\drivers\VCommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\Windows\System32\drivers\VComm.sys (IVT Corporation.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (snpstd) -- C:\Windows\System32\drivers\snpstd.sys ()
DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (BTSERIAL) -- C:\Windows\System32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\Windows\System32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (AVMUNET) -- C:\Windows\System32\drivers\avmunet.sys (AVM GmbH)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHP0.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHP0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = eumex.ip;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.fcstpauli.com/"
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: {dc961bb0-dfb2-11dc-95ff-0800200c9a66}:2.20100123
FF - prefs.js..extensions.enabledItems: {a02c0c70-605c-11da-8cd6-0800200c9a66}:4.22
FF - prefs.js..extensions.enabledItems: {333b42b0-9c75-11db-b606-0800200c9a66}:2.200100126
FF - prefs.js..extensions.enabledItems: rein@notiz.jp:3.6.1
FF - prefs.js..extensions.enabledItems: {d650973c-0444-4ac7-9d00-19e3613c83b9}:3.6.7
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Video Downloader\Plugin_FireFox [2009.06.16 12:11:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.08.21 14:13:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.29 07:25:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.29 07:25:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2010.09.27 19:40:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.10.28 23:45:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.09.27 19:40:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.08.21 14:13:30 | 000,000,000 | ---D | M]
[2010.08.23 16:00:10 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Extensions
[2010.08.23 16:00:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Media\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.11.19 17:13:29 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions
[2010.10.24 10:48:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010.05.07 19:28:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.22 22:42:46 | 000,000,000 | ---D | M] (PinkHope) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{333b42b0-9c75-11db-b606-0800200c9a66}
[2010.09.12 19:16:45 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2009.08.13 22:15:48 | 000,000,000 | ---D | M] (iFox Graphite) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{74b288e6-77b6-41c7-8138-bb81f4539689}
[2010.02.22 22:43:14 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010.09.12 19:16:26 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.02.22 22:42:44 | 000,000,000 | ---D | M] (PimpZilla) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{a02c0c70-605c-11da-8cd6-0800200c9a66}
[2010.07.28 18:59:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.15 10:30:28 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.02.22 22:42:24 | 000,000,000 | ---D | M] (iFox Smooth) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{d3d70bca-2d54-425e-b02c-b7e2f4b07688}
[2010.04.15 22:13:29 | 000,000,000 | ---D | M] (Whitehart) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}
[2010.02.22 22:42:24 | 000,000,000 | ---D | M] (MidnightFoxy) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}
[2010.09.12 19:16:28 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.02.22 22:43:07 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2009.06.18 15:16:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009.02.22 20:37:07 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\ChoiceGuard@Microsoft
[2010.09.24 14:54:35 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\DTToolbar@toolbarnet.com
[2010.05.07 19:28:28 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\firebug@software.joehewitt.com
[2010.04.15 22:13:36 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\illimitux@illimitux.net
[2010.02.22 22:42:33 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\navertheme@nhncorp.com
[2010.10.07 09:16:31 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\personas@christopher.beard
[2010.02.22 22:43:04 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\rein@notiz.jp
[2010.10.17 12:43:26 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\twitternotifier@naan.net
[2010.02.22 22:42:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{333b42b0-9c75-11db-b606-0800200c9a66}\chrome\mozapps\extensions
[2010.02.22 22:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{333b42b0-9c75-11db-b606-0800200c9a66}\chrome\mozapps\extensions\CVS
[2010.02.22 22:42:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}\chrome\mozapps\extensions
[2010.02.22 22:42:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}\chrome\mozapps\extensions\CVS
[2010.02.22 22:42:38 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Firefox\Profiles\trx7uk56.default\extensions\navertheme@nhncorp.com\chrome\mozapps\extensions
[2009.08.21 11:34:45 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\mozilla\Sunbird\Profiles\qj24zrzn.default\extensions
[2010.07.31 19:46:13 | 000,000,881 | ---- | M] () -- C:\Users\Media\AppData\Roaming\Mozilla\FireFox\Profiles\trx7uk56.default\searchplugins\conduit.xml
[2010.09.24 14:52:11 | 000,002,059 | ---- | M] () -- C:\Users\Media\AppData\Roaming\Mozilla\FireFox\Profiles\trx7uk56.default\searchplugins\daemon-search.xml
[2010.11.19 15:09:27 | 000,000,947 | ---- | M] () -- C:\Users\Media\AppData\Roaming\Mozilla\FireFox\Profiles\trx7uk56.default\searchplugins\icqplugin.xml
[2010.11.19 17:13:29 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.07.08 13:51:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.02.18 12:10:26 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\npmozax@real.com
[2007.03.02 14:17:24 | 000,095,200 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPAPIX.dll
[2010.04.12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2007.01.17 12:18:04 | 000,095,200 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPFluxBrowserHelper.dll
[2007.07.25 09:51:06 | 000,164,352 | ---- | M] (Indiepath Ltd) -- C:\Programme\Mozilla Firefox\plugins\npigl.dll
[2007.09.07 15:25:50 | 000,103,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPMPDRM.dll
[2008.06.30 22:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Programme\Mozilla Firefox\plugins\npOGAPlugin.dll
[2009.03.30 16:13:54 | 000,098,304 | ---- | M] (RealNetworks) -- C:\Programme\Mozilla Firefox\plugins\npraclient.dll
[2007.09.07 14:46:48 | 000,098,968 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPWMDRMWrapper.dll
[2007.03.10 00:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Mozilla Firefox\plugins\npyaxmpb.dll
[2009.10.26 15:45:36 | 000,102,400 | ---- | M] (Zylom) -- C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010.10.22 11:58:49 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.22 11:58:50 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.22 11:58:50 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.22 11:58:50 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.22 11:58:51 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Programme\ArcSoft\Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHP0.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHP0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Programme\PHPNukeDE\tbPHP0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CCUTRAYICON] File not found
O4 - HKLM..\Run: [Device Detection] C:\Program Files\fotokasten comfort\dd.exe File not found
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [PC Suite for Smartphones] C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd] C:\Windows\vsnpstd.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Programme\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [PhonostarAgent] C:\Programme\phonostar\ps_agent.exe (phonostar)
O4 - HKCU..\Run: [PhonostarTimer] C:\Programme\phonostar\ps_timer.exe (phonostar)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2008.11.10 16:58:53 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dock.lnk = C:\VistaOSX09\RKLauncher.exe (RaduKing)
O4 - Startup: C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Programme\OpenOffice.org 2.3\program\quickstart.exe ()
O4 - Startup: C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Media\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Media\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} https://fixit.support.microsoft.com/ActiveX/FixItClient.CAB (FixItClient Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} hxxp://www.gamehouse.com/realarcade-webgames/weddingdash/WeddingDash.cab (CPlayFirstWeddingDashControl Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Media\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Media\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.07.11 21:35:00 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2faad116-cb84-11dc-a763-001bfce031d0}\Shell - "" = AutoRun
O33 - MountPoints2\{2faad116-cb84-11dc-a763-001bfce031d0}\Shell\AutoRun\command - "" = G:\preinst.exe -- File not found
O33 - MountPoints2\{f3a98d9d-8efd-11dc-96d1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f3a98d9d-8efd-11dc-96d1-806e6f6e6963}\Shell\AutoRun\command - "" = G:\preinst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.11.19 14:17:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.19 14:17:25 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.19 14:17:02 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Media\Desktop\mbam-setup.exe
[2010.11.19 14:15:41 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Media\Desktop\OTL.exe
[2010.11.19 02:59:54 | 000,000,000 | ---D | C] -- C:\Users\Media\Desktop\2010-11-19
[2010.11.18 23:51:37 | 000,000,000 | ---D | C] -- C:\Users\Media\AppData\Roaming\Malwarebytes
[2010.11.18 23:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.18 23:50:45 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.11.18 23:05:21 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Media\Desktop\unconfirmed 63978.crdownload
[2010.11.16 17:23:10 | 000,000,000 | ---D | C] -- C:\Users\Media\AppData\Roaming\Avira
[2010.11.12 09:58:33 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.11.12 09:58:33 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.10.27 16:44:35 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.10.27 16:44:34 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.27 16:44:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2005.04.21 00:16:28 | 000,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd.dll
[2004.02.16 20:59:50 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.11.19 21:49:06 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.19 20:49:04 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.19 20:18:14 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.19 20:18:13 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.19 18:22:18 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.11.19 18:16:55 | 000,064,687 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.11.19 18:16:55 | 000,064,687 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.11.19 18:16:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.19 18:16:35 | 2146,754,560 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.19 18:16:33 | 257,264,167 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.11.19 15:56:56 | 000,626,530 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.19 15:56:56 | 000,595,306 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.19 15:56:56 | 000,125,832 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.19 15:56:56 | 000,104,442 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.19 14:17:31 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.19 14:17:06 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Media\Desktop\mbam-setup.exe
[2010.11.19 14:15:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Media\Desktop\OTL.exe
[2010.11.18 23:05:23 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Media\Desktop\unconfirmed 63978.crdownload
[2010.11.13 11:04:04 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.11.13 11:04:04 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.11.11 20:50:12 | 000,025,088 | ---- | M] () -- C:\Users\Media\Desktop\Runde 2 Themen.doc
[2010.11.09 20:59:20 | 044,151,368 | ---- | M] () -- C:\Users\Media\Desktop\avira_antivir_personal_de.exe
[2010.10.25 21:12:49 | 000,716,768 | ---- | M] () -- C:\Users\Media\Desktop\Pelinka_Grundzüge_Politikwissenschaft.pdf
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.11.19 14:17:31 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.11 20:50:07 | 000,025,088 | ---- | C] () -- C:\Users\Media\Desktop\Runde 2 Themen.doc
[2010.11.09 20:58:01 | 044,151,368 | ---- | C] () -- C:\Users\Media\Desktop\avira_antivir_personal_de.exe
[2010.10.25 21:12:45 | 000,716,768 | ---- | C] () -- C:\Users\Media\Desktop\Pelinka_Grundzüge_Politikwissenschaft.pdf
[2010.09.24 14:51:51 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.08.17 20:51:15 | 000,000,011 | ---- | C] () -- C:\Users\Media\AppData\Roaming\NevoSoft Gameslog.txt
[2010.07.07 13:44:59 | 000,064,687 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.07.06 13:15:03 | 000,064,687 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.05.20 22:53:27 | 000,000,680 | ---- | C] () -- C:\Users\Media\AppData\Local\d3d9caps.dat
[2010.03.09 23:31:55 | 000,017,408 | ---- | C] () -- C:\Users\Media\AppData\Local\WebpageIcons.db
[2009.12.24 13:30:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.17 14:02:46 | 000,029,192 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2009.05.27 14:12:34 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.05.27 09:25:32 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2009.02.26 17:08:39 | 000,027,043 | ---- | C] () -- C:\Users\Media\AppData\Roaming\UserTile.png
[2009.01.26 18:54:53 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.01.21 20:31:00 | 000,282,606 | ---- | C] () -- C:\Users\Media\AppData\Local\awuag_nav.dat
[2009.01.21 20:31:00 | 000,003,266 | ---- | C] () -- C:\Users\Media\AppData\Local\awuag.dat
[2009.01.21 20:31:00 | 000,002,220 | ---- | C] () -- C:\Users\Media\AppData\Local\awuag_navps.dat
[2009.01.21 17:06:43 | 000,000,641 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2009.01.21 17:06:43 | 000,000,087 | ---- | C] () -- C:\Windows\dswplug.ini
[2009.01.21 15:04:40 | 000,004,969 | ---- | C] () -- C:\ProgramData\tgioyvlx.pxu
[2009.01.21 15:04:20 | 000,000,060 | ---- | C] () -- C:\Windows\IniFile1.ini
[2009.01.21 14:47:43 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.01.02 16:20:08 | 000,000,082 | ---- | C] () -- C:\Windows\mafosav.INI
[2008.12.23 23:21:17 | 000,004,757 | ---- | C] () -- C:\Windows\Irremote.ini
[2008.11.21 22:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.11.21 22:44:16 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008.08.01 14:02:28 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.07.31 12:16:42 | 000,000,088 | ---- | C] () -- C:\Users\Media\AppData\Local\cxupeads.bat
[2008.07.24 13:36:03 | 000,000,417 | ---- | C] () -- C:\Windows\Uninstall Spielesammlung.ini
[2008.07.14 09:47:49 | 000,000,364 | ---- | C] () -- C:\Windows\GSHH08.INI
[2008.07.14 09:47:07 | 000,000,366 | ---- | C] () -- C:\Windows\retrieve.ini
[2008.06.28 13:38:13 | 000,028,672 | ---- | C] () -- C:\Windows\gscr.dll
[2008.06.24 11:11:15 | 000,241,897 | ---- | C] () -- C:\Users\Media\AppData\Roaming\mdbu.bin
[2008.05.05 17:08:22 | 000,000,012 | ---- | C] () -- C:\Windows\dirsaver.ini
[2008.04.20 17:53:59 | 000,000,030 | ---- | C] () -- C:\Windows\iedit_.INI
[2008.04.11 12:37:21 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2008.03.10 22:52:11 | 000,000,067 | ---- | C] () -- C:\Windows\Backup.INI
[2008.01.18 23:09:49 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.01.18 23:09:43 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.01.16 15:44:03 | 000,000,174 | ---- | C] () -- C:\Windows\math2003.INI
[2008.01.16 15:43:35 | 000,446,464 | ---- | C] () -- C:\Windows\System32\Tx32.dll
[2008.01.16 15:43:33 | 000,000,151 | ---- | C] () -- C:\Windows\System32\ic32.ini
[2007.12.27 13:14:25 | 000,020,480 | ---- | C] () -- C:\Windows\System32\PosTickerLib.dll
[2007.12.25 22:31:02 | 000,154,262 | ---- | C] () -- C:\Users\Media\AppData\Roaming\NMM-MetaData.db
[2007.12.21 00:42:02 | 000,101,376 | ---- | C] () -- C:\Users\Media\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.10 17:23:12 | 000,000,912 | ---- | C] () -- C:\Users\Media\AppData\Roaming\wklnhst.dat
[2007.11.09 13:40:59 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
[2007.11.09 13:38:11 | 000,007,680 | ---- | C] () -- C:\Windows\System32\CNMVS66.DLL
[2007.07.25 14:24:30 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.07.11 21:27:56 | 000,000,311 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007.07.11 21:09:42 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes24.dll
[2007.07.11 21:09:41 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom24.dll
[2007.03.29 22:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007.01.26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007.01.26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2007.01.12 06:07:48 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2007.01.12 06:07:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.06.23 09:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2006.05.03 22:40:42 | 000,390,784 | ---- | C] () -- C:\Windows\System32\drivers\snpstd.sys
[2006.02.26 15:08:28 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2005.12.02 14:14:56 | 000,090,112 | ---- | C] () -- C:\Windows\System32\btprn2k.dll
[2005.09.23 13:52:14 | 000,207,872 | ---- | C] () -- C:\Windows\System32\OneWay.dll
[2005.09.15 23:40:22 | 000,160,768 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2004.07.26 11:12:00 | 000,166,912 | --S- | C] () -- C:\Windows\System32\lame_enc.dll
[2003.01.18 00:34:40 | 000,015,541 | ---- | C] () -- C:\Windows\snpstd.ini
[2002.10.12 15:41:34 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2002.06.02 16:05:40 | 000,038,912 | ---- | C] () -- C:\Windows\System32\1Way.dll
[2002.05.24 00:00:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lockout.dll
[2002.05.24 00:00:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\lockres.dll
[2002.03.17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000096.DLL
[2002.03.17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000024.DLL
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.08.31 14:33:58 | 000,425,984 | ---- | C] () -- C:\Windows\System32\VxDMDcDlg.dll
========== LOP Check ==========
[2009.07.09 18:48:23 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Alawar
[2009.07.09 11:02:13 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Amaranth Games
[2010.03.31 16:56:40 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Artisteer
[2009.01.12 17:17:08 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\ASCOMP Software
[2009.06.16 11:20:47 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Ashampoo
[2008.12.27 15:35:11 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Ashtons Family Resort
[2008.12.08 15:51:00 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\BeachPartyCraze
[2008.12.07 14:22:02 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Big Fish Games
[2009.06.26 21:33:48 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\BlamGames
[2009.07.08 21:11:21 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\blg
[2008.11.06 16:33:57 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\BlogDesk
[2008.11.02 14:36:46 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\BloodTies
[2010.01.12 23:09:41 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\BluetoothDriverInstaller
[2009.04.22 18:47:48 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Boolat Games
[2010.11.02 11:31:33 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\BSW
[2009.02.14 12:07:27 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Canneverbe_Limited
[2010.05.12 12:20:08 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Canon
[2009.08.11 19:52:56 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\CasualForge
[2008.12.07 04:21:42 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\cerasus.media
[2008.01.21 15:36:44 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Chicken Chase
[2009.06.26 22:24:41 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\CupcakeCafe
[2010.09.24 15:52:56 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\DAEMON Tools Lite
[2009.01.26 17:08:19 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\DeepBurner
[2010.11.19 17:24:10 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Desktopicon
[2010.09.24 14:21:47 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\DVDVideoSoft
[2010.07.28 18:59:15 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\DVDVideoSoftIEHelpers
[2008.06.07 14:01:44 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\eGames
[2009.07.01 09:10:31 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\EleFun Games
[2008.07.13 20:05:31 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\everpixx
[2008.12.27 16:57:20 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Farm Mania
[2010.10.07 14:25:40 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Flood Light Games
[2010.09.21 15:28:39 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Floodlight Games
[2008.02.17 18:37:42 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\FloodLightGames
[2010.08.17 19:43:06 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\freshgames
[2008.07.17 21:55:37 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Friday's games
[2009.01.01 17:00:47 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Gaijin Ent
[2010.01.03 18:38:48 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Gajim
[2010.10.09 12:00:48 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\GameHousev1002
[2008.12.27 19:14:16 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\GameInvest
[2008.12.27 17:58:44 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Gamelab
[2010.08.17 17:39:10 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\GamesCafe
[2008.12.08 18:27:53 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Go Go Gourmet
[2010.09.24 17:15:36 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Gogii
[2010.07.29 00:03:18 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\GrabPro
[2010.10.14 17:43:52 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\gtk-2.0
[2010.04.13 15:03:55 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\HdO Adventure
[2010.09.23 14:37:24 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\HillStoneAnimationStudios
[2008.12.08 18:54:45 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Home Sweet Home 2
[2010.05.04 22:48:14 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\ICQ
[2008.07.17 11:15:44 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\iWinArcade
[2007.11.25 22:56:28 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Jane s Hotel
[2009.07.05 21:44:06 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Janes_Realty
[2008.12.05 18:21:20 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Magic Academy
[2008.06.07 13:36:22 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Magic Seeds
[2009.07.08 15:00:49 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Meridian93
[2009.12.26 17:03:37 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Merscom
[2009.02.08 23:17:07 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\MessengerGadget
[2009.01.21 15:07:18 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\MOVAVI
[2009.08.20 13:20:42 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\MP3toiPodAudioBookConverter
[2008.06.06 12:23:24 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\My Games
[2010.08.17 20:51:15 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\NevoSoft Games
[2010.08.21 15:02:59 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Nokia
[2010.07.28 17:50:42 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Nokia Multimedia Player
[2008.01.20 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Oberon Games
[2010.04.29 14:16:34 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\OpenCandy
[2008.12.12 11:45:32 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Opera
[2010.08.31 20:47:29 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Orbit
[2008.06.27 13:47:28 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\PACE Anti-Piracy
[2010.08.21 15:00:49 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\PC Suite
[2010.04.13 21:34:25 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Peace Craft
[2009.02.26 17:08:38 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\PeerNetworking
[2008.12.28 23:31:54 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\PetShowCraze
[2007.11.09 15:25:14 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\phonostar-Player
[2010.09.21 14:05:15 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\PlayFirst
[2010.02.11 12:42:01 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Playrix Entertainment
[2008.12.28 02:22:15 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Pogo Games
[2010.07.25 20:03:59 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\ProgSense
[2010.09.24 15:24:19 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\ProtectDISC
[2009.06.29 17:15:52 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Sandlot Games
[2008.04.12 14:59:08 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\SecondLife
[2009.07.08 19:00:45 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Shape games
[2009.07.06 14:49:55 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Skip-Bo
[2008.09.17 14:59:31 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Sony
[2008.09.20 00:29:54 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\SpinTop Games
[2008.02.14 19:49:41 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Super-Cow
[2008.09.17 15:15:23 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Teleca
[2007.11.10 17:23:13 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Template
[2008.06.13 10:51:45 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\TheScruffs
[2010.08.23 16:00:07 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Thunderbird
[2010.08.25 16:39:47 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2008.04.20 13:59:47 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Ulead Systems
[2010.04.29 19:26:13 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Uniblue
[2009.04.22 15:54:17 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\UNOUndercover
[2009.04.22 19:24:13 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Valusoft
[2010.05.20 14:48:15 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\VideoDing.0E08E46C2708A370803599BBD111EFCF3D93D696.1
[2009.06.21 20:11:37 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\ViquaSoft
[2008.02.10 21:44:26 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Virtual Me
[2010.11.19 16:25:09 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Vso
[2008.03.13 08:50:07 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\WinBatch
[2009.08.05 12:59:17 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\World-LooM
[2010.09.21 15:28:38 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Zylom
[2009.07.06 12:42:59 | 000,000,000 | ---D | M] -- C:\Users\Media\AppData\Roaming\Zylom DressUpRush
[2010.11.19 03:25:23 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:49EB0FDC
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:1CE87230
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:8AA99C0C
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:453190EC
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:71FA8B7F
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:52E1DB1D
@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:A18D1A5B
@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:9E2BD6A9
@Alternate Data Stream - 72 bytes -> C:\Windows:D08BCD83943D7B2C
@Alternate Data Stream - 314 bytes -> C:\ProgramData\TEMP:6D5196DD
@Alternate Data Stream - 306 bytes -> C:\ProgramData\TEMP:995B275C
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:2FF4577A
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0A8E2C33
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:701FCC18
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9AB338B9
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:C0A504B9
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:B4F0E275
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:55C54F7C
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:DE47A3DA
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:A7DA2BCD
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:93226FE3
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:88698068
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:A561576B
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:98AE08EA
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:439E3411
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:EA701346
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0A73A758
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:895A78C5
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:D31BE97C
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:9857FAE3
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:43E95997
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:E1D818F7
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:D88D995C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:57EE48CA
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:48FEA089
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:38E2864F
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:0DFE2AE1
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E66FFABE
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9B285B76
@Alternate Data Stream - 1217 bytes -> C:\Users\Media\AppData\Local\VCyCrDYa9lxnPs:VAO9ofoSQb68mfk1
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:A9364E30
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:72DFB801
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:490BCC52
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:E4FCDFD9
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:E3B5F2D1
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:33611CFB
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:C74009E5
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:85C3B823
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:00811B66
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:B093E177
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 1170 bytes -> C:\Program Files\Common Files\System:dz3wYIDkIkzg02uQDsCce0
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:FECEF728
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:6C5EC3CD
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:69FD6BF0
@Alternate Data Stream - 1167 bytes -> C:\ProgramData\Microsoft:sAK0jw8tvvzd2mILG4LFw
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:FDCAE7B5
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:DBC416F8
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:87FA5E8A
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:C928F3BE
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:9026FFAC
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:07241935
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:B606BA34
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:AA004D25
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:9EE6560D
@Alternate Data Stream - 1110 bytes -> C:\ProgramData\Microsoft:D95tCDMr7bJ8nBJshuGRmg
@Alternate Data Stream - 1109 bytes -> C:\Users\Media\AppData\Local\Temp:TN4Vr0d8k2vbzYrdUitOdGLx3o9d
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DF0BC727
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A6346EE9
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:90D89144
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:331B76C7
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:22313216
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:1037D53D
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:FC4EA67C
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:D3A8AA31
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:AA37E770
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:B268A25C
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:A688EF17
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:260575F1
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:4FE30352
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D8DB81DC
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:3BAD65EA
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:C7B98566
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:A0C7D68A
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:D507B5A8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:C2AD09C0
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:02B823FE
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D708EEF9
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D0668210
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:8247A199
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:E32966C0
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:4AD2C54D
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:70E897B5
< End of report >
--- --- ---
2. log
OTL Logfile: Code:
OTL Extras logfile created on: 19.11.2010 22:15:09 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Media\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 38,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 44,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 457,65 Gb Total Space | 204,07 Gb Free Space | 44,59% Space Free | Partition Type: NTFS
Drive D: | 8,11 Gb Total Space | 1,01 Gb Free Space | 12,44% Space Free | Partition Type: NTFS
Computer Name: MEDIA-PC | User Name: Media | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2340796681-800452247-4030987805-1001]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 1
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C0C3C4-0AE4-4DDC-A4D3-AB1BCDB870D8}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
"{07CBE9C7-6B29-4D83-AECF-9B40D07A667C}" = lport=137 | protocol=17 | dir=in | app=system |
"{18307FAA-A51C-42F2-A536-21DB8A30162A}" = rport=445 | protocol=6 | dir=out | app=system |
"{1A76B3EE-5B12-4395-812E-EC3A3618A301}" = rport=138 | protocol=17 | dir=out | app=system |
"{2DB8A0DF-28C1-4D6B-83A6-CA4F618C2600}" = lport=2869 | protocol=6 | dir=in | app=system |
"{369526D4-4AF1-4EDA-BE87-90D8CEF752FB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3E55B1B5-95DE-40F4-B227-4623EF69E1D7}" = lport=139 | protocol=6 | dir=in | app=system |
"{4DC4B692-1935-40A9-B860-8AE5765CBD56}" = lport=445 | protocol=6 | dir=in | app=system |
"{5C31E65A-1D1E-49A1-B9B8-E77A5D2D061F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6B0E067F-877F-4550-BD99-3E1DF94EFF5C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8522C74A-03DA-48A3-830C-EFE901E3E317}" = rport=139 | protocol=6 | dir=out | app=system |
"{9BB92B12-B965-4461-B44C-01C0BF2B1F4B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B8082070-1B47-45FD-A33E-1E447E644EAE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C17AD186-2AAD-44C2-AA32-B7ED6D73FBB3}" = lport=138 | protocol=17 | dir=in | app=system |
"{C54DFC57-681A-4BF1-A57C-6104512B32B8}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{EB2D1EFF-3A95-4327-854B-4E4DBBF3B34A}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E116AD-8F32-41AA-AA89-80BA16E485A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{04D00A89-803C-4680-B856-C8011AADAF37}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{0F83460F-8DDB-4031-8B20-7DBF7334EA9E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F9C9433-28C0-4393-BC16-916D41B44C04}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{19F41F03-BAFC-4A2A-AC7E-8099C7B7CC9E}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{1D72605F-7F96-40D9-8DD5-D7ED3FA16EC5}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{206FB800-5D53-4EAE-B31B-F16D4F3D8AA4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{228B5E03-F42A-4B21-8F9E-D2C38FC4C291}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{2BA48166-4DBB-4B83-8D03-C18C84F487BF}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{2CCB10F0-1D39-4FA5-85A0-20112AEE4874}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{2CEF51B1-11A0-43F2-8789-ADE1DB8BCF05}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2D20E2EF-1509-423D-8234-592FD19BB0D2}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{35AE739F-8D4F-4F0B-9393-6662A2E3EEC8}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{3736A0FB-5278-4410-A16B-9A16620315F5}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{4845E845-B48D-4B08-A87D-E6988ECFB146}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{489DD7E4-D74A-4F43-A365-8A0DCABF1C8C}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{4A29A877-CB16-4F92-B615-E906F08B821D}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{4CD8AE8D-4612-4C71-9525-98976DB98449}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{550440D3-F353-449B-B9E5-B3ECBE668807}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{5508B316-F64D-4158-92B1-CBFD8E85AE73}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{551D63A2-6900-471B-A28F-1FD07F6D56E1}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{59DBEAA3-1BCD-483E-9802-D81A9AE5D7A9}" = protocol=6 | dir=in | app=c:\snowboundonline\run.exe |
"{5DD737EB-610D-46C1-B873-05FE4FE78464}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5E623F94-8233-406A-A216-6D13EE259D9E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{639BD6CC-DA9A-45FE-B6E7-3BDEC2264107}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{66AF9957-018A-49B9-8672-C99FDF6267C5}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{6A032417-8930-4DC2-8B9D-AB42065F127C}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{6FB98A1D-1206-4073-AC1C-7DF149E810BE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{73E417D4-BB5E-4080-A9E5-066515C4FF6F}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{74FDBB2F-EB19-475B-BEF9-94E8CD40A0E1}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{7C629FA8-9F53-4156-BDEF-BF50987F0B90}" = protocol=17 | dir=in | app=c:\program files\online-dienste\germany\aol\aolde.exe |
"{81E57C7F-00A7-4B2A-993F-D7A99B9FF5D5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{87F4699B-6DB2-431A-A44A-4FB1F389E9E6}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{888887A4-E5CA-4546-BB9E-0B838175232B}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{89A6EB19-DF87-416C-B846-11C4A2CBF005}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C84BDC0-96EE-4161-BFE0-AF2F0422FD38}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{93D467A2-6D81-4106-AAF5-18A10F726D96}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{97DBCDF8-EC69-466E-B6F5-7E2BD430A082}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{A4E1A21C-FAF2-4879-86E5-6E2D669BD3BB}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{A9021395-4588-4C7B-B4D5-7F9D1E39F1AA}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{ABF21F5A-6004-4736-8AAC-C10624F23E0D}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{ADED77B8-E59D-4496-9822-62B896911EFB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B14F28AA-A4D2-4FD4-856B-D47F6C82BBE7}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\pmsregisterfile.exe |
"{B7B670FA-86E1-4A8B-A87D-52C294618B72}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BD78D6AF-B6F8-40E3-AFC8-3D6136A82504}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BE802861-DBAB-4BBD-A754-9D22E2E6CE34}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{C3A9635B-FAC4-468D-AFE3-19F75E6E69AA}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{C5A0B417-387E-48D9-931B-D4376731937F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C643128A-460A-43D1-BADC-B2926C607039}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{C68FEFA9-3C1F-498E-8433-28A75DE43737}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{C8A658A4-B6FA-44E6-98E1-BD743B36A745}" = protocol=17 | dir=in | app=c:\snowboundonline\run.exe |
"{C9035172-5CE3-4627-A833-4A8A2A52763D}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{CF61F384-D3F0-4654-B0D4-A4005DC2B879}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{D3DD6E54-9126-4FA8-96A9-7F6F8DF2BA54}" = protocol=6 | dir=in | app=c:\program files\online-dienste\germany\aol\aolde.exe |
"{D8501A15-AB3E-4865-B74F-9345E9F6330F}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{D9A1F819-632C-4EE5-89FE-AAF721A841DC}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{DB1412B1-0B3B-4F80-B4AC-A1AFF631BAE2}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{DB5224EA-74E4-43A7-BA56-80CB4CBF1267}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{E7488183-E131-4D89-B318-C29495A1EA26}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{EB2E55F4-5098-43FF-B59A-75901D730641}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{ED5B22FA-B51A-4849-A5CB-68BA0815037A}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{F3DD4D99-A41A-4414-B762-4824C6DE1F79}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F61E2E85-3240-46EB-8F4B-1342EF8B7C41}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\pmsregisterfile.exe |
"{F75B7C53-F498-41D5-8D98-B240F90A2AEC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F767A70C-28E0-4C4B-A4C7-6FE2BF22A058}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FC2DA986-B8D5-4157-B095-EE4A2FF66C24}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{17931EDF-329D-461C-92C3-92D50A667CD3}C:\program files\yahoo! games\lemonade tycoon 2\lemonade2.exe" = protocol=6 | dir=in | app=c:\program files\yahoo! games\lemonade tycoon 2\lemonade2.exe |
"TCP Query User{27A030C2-79AC-4BE9-B22B-638B0B2D1AA1}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{2901BEB6-174B-4181-8F67-27C012329E9C}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{370C88C7-A9AD-4CDB-9302-E65BD1E1B78E}C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe" = protocol=6 | dir=in | app=c:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe |
"TCP Query User{3D3A40B0-5F38-4690-A288-FE67F708B23E}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{40A20313-51DB-45A9-8CA3-5DFB95261BB5}C:\program files\hexacto games\lemonade tycoon\lemonade.exe" = protocol=6 | dir=in | app=c:\program files\hexacto games\lemonade tycoon\lemonade.exe |
"TCP Query User{68735125-BDCD-4CD0-B723-81DEAA5EF836}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"TCP Query User{B54625B5-90C6-4A4D-BA55-4A535D9AE6D9}C:\program files\don't get angry 2 demo\da2 demo.exe" = protocol=6 | dir=in | app=c:\program files\don't get angry 2 demo\da2 demo.exe |
"TCP Query User{CAF0C30A-D1EA-4E72-AFBA-E4266702975A}C:\program files\nero\nero8\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero8\nero home\nerohome.exe |
"TCP Query User{D0FD0A8F-5FCF-4BC1-ACBF-3C2683F6D75C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{E36C5B9F-9BF1-407F-B654-E676AB36E4DC}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"UDP Query User{144F6F44-902D-4D1B-8BCD-3B23FD4213CF}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{381AE462-6E0B-40C1-8491-BD40B7CCC4C7}C:\program files\yahoo! games\lemonade tycoon 2\lemonade2.exe" = protocol=17 | dir=in | app=c:\program files\yahoo! games\lemonade tycoon 2\lemonade2.exe |
"UDP Query User{5522734E-88A2-4E45-86B0-F00475BF7136}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"UDP Query User{64F0CA2A-235E-4BFA-8E5D-6ACF316A1246}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{669F3DAF-FA50-4271-927C-20C868233ABC}C:\program files\don't get angry 2 demo\da2 demo.exe" = protocol=17 | dir=in | app=c:\program files\don't get angry 2 demo\da2 demo.exe |
"UDP Query User{70F9898D-18FB-4350-8F15-DBA4F9DDA146}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{8E392785-7C7E-45F7-9FD2-3AA3CD6F08ED}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"UDP Query User{8FCF740B-8412-4966-AEFD-F629F2B196B7}C:\program files\hexacto games\lemonade tycoon\lemonade.exe" = protocol=17 | dir=in | app=c:\program files\hexacto games\lemonade tycoon\lemonade.exe |
"UDP Query User{B80A7A65-5F2C-4006-9518-3E40FDEE8827}C:\program files\nero\nero8\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero8\nero home\nerohome.exe |
"UDP Query User{E62B3E7D-B876-4947-A357-D47DD967B40A}C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe" = protocol=17 | dir=in | app=c:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe |
"UDP Query User{EC684AB3-A50C-4369-A36B-E65392922050}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{012048E1-BFFF-682E-8FA2-8325B2B16784}" = TweetDeck
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0d24468a-a58f-4277-9d7b-e1e7cd9d938a}" = Nero 9 Trial
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{0F122737-72B2-4095-8B3E-7AAE753DFD3D}" = Inhalt für Werkzeuge und Vorlagen für Schüler
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{15803703-25FA-4C01-A062-3F4A59937E87}" = PhotoImpact X3
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{242BCCDC-B37B-4792-A52C-BCDDB1030AF9}" = Zoo Empire
"{25F41450-76BD-5727-EB8B-5BB61617ABD9}" = Video Ding
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
"{29466F9C-7C6A-419C-B301-F440FAF78760}" = Nokia PC Suite
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{2D6CC267-A37C-467A-92F0-CD8BAB01D1FE}" = Inhalt für Werkzeuge und Vorlagen für Lehrer
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{30B056AF-F414-4B68-B9B0-6EFDB9FCDF18}" = ArcSoft MediaImpression 2
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{363188E4-1A27-4DE6-BA48-823D2E205385}" = ArcSoft Scan-n-Stitch Deluxe
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{37530151-56A6-4CE4-9F9F-CE1F5A1356C6}" = ArcSoft Panorama Maker 4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C5F1B30-B10B-4579-86DD-D00F662E1031}" = Nero 8 Trial
"{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D5A72E1-1467-4199-8CF6-12DA8D502A6B}" = Veoh Player
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{40DA94AF-34B7-4BA7-A37F-26F899C031FF}" = ArcSoft PhotoStudio Darkroom 2
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}" = Microsoft Research AutoCollage 2008 version 1.1
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{438BB9B4-65FE-4626-91D9-A8F57B18001D}" = Bluesoleil2.6.0.8 Release 070517
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{44F67F77-CD58-4F53-8337-624EF0E0EAA9}" = HunterStone THESIS
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4E56BAE4-129F-4CE3-AC78-50EA78E95913}" = Franzis Mathematik Klasse 12
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4EDB1CA5-983F-4FC3-A8E3-E34981E05A60}" = Pinnacle VideoSpin
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Fotostory 3 für Windows
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{592ED299-14EF-4C0F-92B4-B62E7CD5A2BE}_is1" = everpixx 3.60
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print Creations - Poster Creator
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AF49698-949A-4C89-9B31-041D2CCB5FBD}" = muvee autoProducer 6.0
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = Die Sims 2: Family Fun - Accessoires
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = Die Sims™ 2 IKEA® Home-Accessoires
"{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}" = Intel® Viiv™ Software
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}" = Werkzeuge und Vorlagen für Microsoft Office
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7A3B6B80-B09E-4D48-B652-15A6B9D279D4}" = YoGen Audio Recorder
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.8.5
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115455627}" = Cake Mania 3
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires
"{85243696-5e58-4357-9cf8-3498c609941d}" = NeroLiveGadget Help
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8855FF30-19CE-4CB1-A654-87B38369CCE1}" = orlogix RecordNow MAX
"{88BFE745-3D1F-4B80-8C40-E626E5A8E613}" = Samsung S5230 Wallpaper Creator
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{9F8CEAD4-1D32-47B1-A6FE-1C9BEE11F241}_is1" = MyYouMusic 2.300
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A625D45F-1DC4-47FB-ABCF-6B27684AA717}" = OpenOffice.org 2.3
"{A6E71574-2126-4E95-816E-32B2411C94BA}" = Ulead MediaStudio Pro 8.0 Testversion
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B73C2FF2-3F2E-4972-B414-BC24024FFDD8}" = ArcSoft Print Creations
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C67F36D2-DE45-40B4-8D87-DF4A66A59532}" = PC Suite for Sony Ericsson
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C8B44566-839A-459C-A73D-49764CE216CC}" = ArcSoft Video Downloader
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D20E73F6-FF41-4318-B23A-FB38FBDB14A4}_is1" = Dart Karaoke Studio CDG
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DB909A1C-B447-428F-8103-E8975BCB99F0}" = ArcSoft RAW Thumbnail Viewer
"{DDB263D3-2FD7-47BF-850E-9851EFFF6C6C}" = Sony Ericsson Media Manager 1.1
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1252473-6306-4d5d-904D-B06AA7F38161}" = PC Suite for Sony Ericsson
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E2EE273D-E111-4FFD-ACD4-78E1D35E01D2}" = ArcSoft Photo Book Screen Saver
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{E5AED31E-3474-4C85-B492-42149DE37891}" = MySQL Server 5.0
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E7EADF4C-C40F-467E-96E3-7E62C9CDC079}" = AquaSoft DiaShow 6 for YouTube
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{E8648296-43A2-47B2-8D23-7654831C99F5}" = Franzis Mathematik Klasse 13
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EEC002BD-E0FB-46DF-B724-0521A5170E02}" = Virtual Me Character Creator
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{F7107906-5D75-438A-BB33-010818834487}" = IKEA HomePlanner Kitchen
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Windows-Treiberpaket - Nokia Modem (10/12/2007 3.6)
"819D45A9F73817F5B6D7C71A33ADAB88C5DA1765" = Windows-Treiberpaket - Nokia Modem (08/03/2007 6.84.0.2)
"ABC Amber Audio Converter" = ABC Amber Audio Converter
"ABIschnitt" = ABIschnitt 9.16
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Alamandi" = Alamandi
"albelli photo book creator Extra_is1" = albelli photo book creator Extra
"Algebrus_is1" = Algebrus 3.1
"AnalogX Vocal Remover" = AnalogX Vocal Remover
"Artisteer 2" = Artisteer 2
"Ashampoo Photo Commander 6_is1" = Ashampoo Photo Commander 6.30
"Ask Toolbar_is1" = Ask Toolbar
"Astra Screen Saver" = Astra Screen Saver Screen Saver
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"awuag" = Favorit
"BE37E547-62DF-43C8-AE6A-D03E82BC67A2_is1" = DVD slideshow GUI 0.9.1.0
"BFGC" = Big Fish Games: Game Manager
"BFG-City Sights - Hello Seattle" = City Sights: Hello Seattle
"BFG-Nanny 911" = Nanny 911
"BFG-Public Enemies - Bonnie and Clyde" = Public Enemies: Bonnie and Clyde
"BFG-Traumhochzeit Las Vegas" = Traumhochzeit Las Vegas
"BSW" = BrettspielWelt
"Cake Mania 3 Deluxe" = Cake Mania 3 Deluxe
"CAMEL SPLASH ANIMATION win 1280x800" = CAMEL SPLASH ANIMATION win 1280x800 Screen Saver
"Canon MP550 series Benutzerregistrierung" = Canon MP550 series Benutzerregistrierung
"CANONBJ_Deinstall_CNMCP66.DLL" = Canon PIXMA iP2000
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CEP - Colour Enable Packages_is1" = CEP - Color Enable Package
"CloneDVD2" = CloneDVD2
"Club der Ermittlerinnen 2_is1" = Club der Ermittlerinnen 2
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"DVDStyler_is1" = DVDStyler v1.7.1
"E.M. Multilayer Image Processing SDK 1.30_is1" = E.M. Multilayer Image Processing SDK 1.30
"EA Download Manager" = EA Download Manager
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Farm Frenzy 3 - Russian Roulette Deluxe" = Farm Frenzy 3 - Russian Roulette Deluxe
"Farm Frenzy 3: American Pie" = Farm Frenzy 3: American Pie
"Flash Slideshow Maker Pro" = Flash Slideshow Maker Pro 4.88
"FotoWorks_is1" = FotoWorks
"Franzis Englisch-Sprachkurs 2_is1" = Franzis Englisch-Sprachkurs 2
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free FLV Converter_is1" = Free FLV Converter V 6.5
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0
"Free Studio_is1" = Free Studio version 4.8
"Free Video Converter_is1" = Free Video Converter V 1.4
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"Führerschein-Trainer" = Führerschein-Trainer
"FujiDirekt_is1" = FujiDirekt 2.6
"GameHouse" = GameHouse
"Gardenscapes Deluxe" = Gardenscapes Deluxe
"Geheime Fälle: Vermisst in Rom" = Geheime Fälle: Vermisst in Rom
"GELBESEITEN_HAMBURG_2008" = GelbeSeiten für Hamburg und Umgebung 2008
"GlobFX Space Travel" = GlobFX Space Travel
"GNU Backgammon 0.15-stable_is1" = GNU Backgammon 0.15-stable (20061119 code)
"GoldWave v5.20" = GoldWave v5.20
"GoldWave v5.23" = GoldWave v5.23
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"ICQToolbar" = ICQ Toolbar
"igLoader" = igLoader
"InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}" = Ulead PhotoImpact X3
"InstallShield_{242BCCDC-B37B-4792-A52C-BCDDB1030AF9}" = Zoo Empire
"InstallShield_{3D5A72E1-1467-4199-8CF6-12DA8D502A6B}" = Veoh Player
"Intel(R) Configuration Center" = Intel® Viiv™ Software
"IsoBuster_is1" = IsoBuster 2.7
"JDownloader" = JDownloader
"keinohrhase_screensaver.scr" = keinohrhase_screensaver
"LE_CDK" =
"Lexikon - Mathematik" = Lexikon - Mathematik
"M4P MP3 Converter_is1" = M4P MP3 Converter 1.0
"MAGIX Foto Clinic 4.5 D" = MAGIX Foto Clinic 4.5 (D)
"MAGIX Ringtone Maker 2007 silver D" = MAGIX Ringtone Maker 2007 silver 3.1.0.2 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9)
"Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"Mystery P.I. - The New York Fortune Deluxe" = Mystery P.I. - The New York Fortune Deluxe
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"p.i.c.s. Spielesammlung" = p.i.c.s. Spielesammlung
"PC-Doctor 5 for Windows" = Hardware Diagnose Tools
"phonostarRadioPlayer_is1" = phonostar-Player Version 2.01.0
"Photo Pos Pro" = Photo Pos Pro
"PhotoMix_is1" = PhotoMix 5.3
"PhotoScape" = PhotoScape
"PHPNukeDE Toolbar" = PHPNukeDE Toolbar
"Physikus_is1" = Physikus Teil1 ´07
"Picasa 3" = Picasa 3
"Pixelspeed_Layouter" = Pixelspeed Layouter
"PokerStars.net" = PokerStars.net
"PROSet" = Intel(R) Network Connections Drivers
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"queensberry_scrnsvr_antonella.scr" = queensberry_scrnsvr_antonella ScreenSaver
"Quest3D3d Girlz" = 3d Girlz
"Q-Xpress Installer" = Q-Xpress Installer 1.1.9
"RealArcade" = RealArcade
"RealPlayer 12.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.83
"Ritter Arthur" = Ritter Arthur
"save2pc Light_is1" = save2pc Light 3.32
"Schlag den Raab_is1" = Schlag den Raab
"screensaver.scr" = screensaver
"SecondLife" = SecondLife (remove only)
"Sims2Pack Clean Installer " = Sims2Pack Clean Installer
"Sony Ericsson" = Sony Ericsson Symbian 9 Drivers
"Spiel Des Lebens" = Spiel Des Lebens
"studiVZ Fotobuch" = studiVZ Fotobuch 3.6
"SUPER ©" = SUPER © Version 2009.bld.35 (Jan 5, 2009)
"Teachmaster 3.9" = Teachmaster 3.9 (nur Entfernen)
"tint" = Tint
"Trillian" = Trillian
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.7
"Veoh Video Compass" = Veoh Video Compass
"VideoDing.0E08E46C2708A370803599BBD111EFCF3D93D696.1" = Video Ding
"Videoload Manager" = Videoload Manager 1.0.1545
"VLC media player" = VideoLAN VLC media player 0.8.6f
"Vogue Tales Deluxe" = Vogue Tales Deluxe
"VSO Image Resizer_is1" = VSO Image Resizer 1.3.3
"WAV to MP3" = WAV to MP3
"WinGimp-2.0_is1" = GIMP 2.4.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"Winmail Opener" = Winmail Opener 1.4
"WinRAR archiver" = WinRAR
"Wondershare Photo Collage Studio_is1" = Wondershare Photo Collage Studio (3.0.0) Trial Version
"Xilisoft DVD Creator" = Xilisoft DVD Creator
"XP-Games JRE" = XP-Games JRE
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Zattoo4" = Zattoo4 4.0.5
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"98bfe35522602320" = DigitalPrintLab 2.0 für printeria Unikatprint
"AquaSoft DiaShow 6 for YouTube" = AquaSoft DiaShow 6 for YouTube
"Move Media Player" = Move Media Player
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.11.2010 13:23:51 | Computer Name = Media-PC | Source = OviSuite | ID = 1
Description = 19/11/2010 18:23:51 (OviSuite) - ERROR - MessagesPlugin, Thread
GUI, Line 834, .\Application\ItemsView.cpp, CItemsView::getMessageModel(): m_pMsgFilter
is NULL. Could not get message model.
Error - 19.11.2010 13:23:51 | Computer Name = Media-PC | Source = OviSuite | ID = 1
Description = 19/11/2010 18:23:51 (OviSuite) - ERROR - MessagesPlugin, Thread
GUI, Line 834, .\Application\ItemsView.cpp, CItemsView::getMessageModel(): m_pMsgFilter
is NULL. Could not get message model.
Error - 19.11.2010 13:23:51 | Computer Name = Media-PC | Source = OviSuite | ID = 1
Description = 19/11/2010 18:23:51 (OviSuite) - ERROR - MessagesPlugin, Thread
GUI, Line 834, .\Application\ItemsView.cpp, CItemsView::getMessageModel(): m_pMsgFilter
is NULL. Could not get message model.
Error - 19.11.2010 13:23:52 | Computer Name = Media-PC | Source = OviSuite | ID = 1
Description = 19/11/2010 18:23:52 (OviSuite) - ERROR - CommonUtilities, Thread
6, Line 393, .\Application\platform\win\WindowsNetworkUtils.cpp, CWindowsNetworkUtils::SetNAMProxySettings():
Could not found proxy server for Url!
Error - 19.11.2010 13:23:54 | Computer Name = Media-PC | Source = OviSuite | ID = 1
Description = 19/11/2010 18:23:54 (OviSuite) - ERROR - DALService, Thread 7,
Line 86, .\Application\AOContactCreateOperation.cpp, CAOContactCreateOperation::run():
DAL failure detected: (101) converted from MPlatform error [-2147467261:UnknownError(80004003)]
/ Create loop / @ CAOContactCreateOperation::run (.\Application\AOContactCreateOperation.cpp:86)
Error - 19.11.2010 13:23:54 | Computer Name = Media-PC | Source = OviSuite | ID = 1
Description = 19/11/2010 18:23:54 (OviSuite) - ERROR - DALService, Thread 8,
Line 86, .\Application\AOContactCreateOperation.cpp, CAOContactCreateOperation::run():
DAL failure detected: (101) converted from MPlatform error [-2147467261:UnknownError(80004003)]
/ Create loop / @ CAOContactCreateOperation::run (.\Application\AOContactCreateOperation.cpp:86)
Error - 19.11.2010 13:23:54 | Computer Name = Media-PC | Source = OviSuite | ID = 1
Description = 19/11/2010 18:23:54 (OviSuite) - ERROR - DALService, Thread 7,
Line 86, .\Application\AOContactCreateOperation.cpp, CAOContactCreateOperation::run():
DAL failure detected: (101) converted from MPlatform error [-2147467261:UnknownError(80004003)]
/ Create loop / @ CAOContactCreateOperation::run (.\Application\AOContactCreateOperation.cpp:86)
Error - 19.11.2010 13:23:54 | Computer Name = Media-PC | Source = OviSuite | ID = 1
Description = 19/11/2010 18:23:54 (OviSuite) - ERROR - CommonWidgets, Thread
GUI, Line 491, .\Application\CommonNavigationPane2\CommonNavigationPane.cpp, CCommonNavigationPane::getSelectedIndexes():
Selection model is NULL!
Error - 19.11.2010 13:24:01 | Computer Name = Media-PC | Source = OviSuite | ID = 1
Description = 19/11/2010 18:24:01 (OviSuite) - ERROR - CommonWidgets, Thread
GUI, Line 491, .\Application\CommonNavigationPane2\CommonNavigationPane.cpp, CCommonNavigationPane::getSelectedIndexes():
Selection model is NULL!
Error - 19.11.2010 17:12:50 | Computer Name = Media-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.17.3 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 10ec Anfangszeit: 01cb882df370d9f9 Zeitpunkt der Beendigung:
7
[ Media Center Events ]
Error - 18.04.2008 16:52:19 | Computer Name = Media-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
gescheitert.
[ OSession Events ]
Error - 24.07.2010 17:29:56 | Computer Name = Media-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 18.11.2010 19:52:44 | Computer Name = Media-PC | Source = WinDefend | ID = 2004
Description = Beim Laden der Signaturen wurde von %%827 ein Fehler festgestellt.
Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte
Signaturen: %%824 Fehlercode: 0x8050a001 Fehlerbeschreibung: Das Programm kann keine
Definitionsdateien finden, die dazu dienen, unerwünschte Software zu erkennen.
Überprüfen Sie, ob aktualisierte Definitionsdateien vorhanden sind, und versuchen
Sie es dann erneut. Weitere Informationen zum Installieren von Updates finden Sie
unter "Hilfe und Support". Ladende Signaturen: %%825 Ladene Signaturversion: 1.93.1733.0
Ladende
Modulversion: 1.1.6301.0
Error - 18.11.2010 19:57:27 | Computer Name = Media-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 19.11.2010 09:06:53 | Computer Name = Media-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 19.11.2010 09:10:32 | Computer Name = Media-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 19.11.2010 12:33:20 | Computer Name = Media-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie chkdsk auf Volume "HP" aus.
Error - 19.11.2010 13:16:39 | Computer Name = Media-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 19.11.2010 um 17:59:10 unerwartet heruntergefahren.
Error - 19.11.2010 13:19:12 | Computer Name = Media-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 19.11.2010 13:20:06 | Computer Name = Media-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 19.11.2010 13:20:06 | Computer Name = Media-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 19.11.2010 13:25:41 | Computer Name = Media-PC | Source = Service Control Manager | ID = 7022
Description =
< End of report >
--- --- --- |
