Arbeitsschritt 3 Code:
========== OTL ==========
Service\Driver key SBSDWSCService not found.
File C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe not found.
Service\Driver key WinDefend not found.
File C:\Program Files\Windows Defender\MpSvc.dll not found.
HKLM\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\Wilko_ON_C\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\Wilko_ON_C\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\Wilko_ON_C\Software\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
HKU\Wilko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ not found.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ not found.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) not found.
File C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml not found.
File C:\Program Files\mozilla firefox\searchplugins\babylon.xml not found.
File C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}\ not found.
Registry value HKEY_USERS\Wilko_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ not found.
File C:\Windows\tasks\GoogleUpdateTaskMachineCore.job not found.
File C:\Windows\tasks\GoogleUpdateTaskMachineUA.job not found.
========== FILES ==========
File\Folder C:\ProgramData\BullGuard not found.
File\Folder C:\Users\Wilko\AppData\Roaming\Panda Security not found.
File\Folder C:\ProgramData\Panda Security not found. < ipconfig /flushdns /c >
Windows IP Configuration
An internal error occurred: The system cannot find the file specified.
Please contact Microsoft Product Support Services for further help.
Additional information: Unable to open registry key for tcpip.
C:\cmd.bat deleted successfully.
C:\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
Empty user temp failed. Cannot find local settings folders.
Empty user temp failed. Cannot find local settings folders.
Empty user temp failed. Cannot find local settings folders.
Empty user temp failed. Cannot find local settings folders.
Empty user temp failed. Cannot find local settings folders.
Empty user temp failed. Cannot find local settings folders.
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1394363 bytes
Total Files Cleaned = 1.00 mb
OTLPE by OldTimer - Version 3.1.48.0 log created on 04262012_184944
Ich hoffe es ist das richtige
Danke für deine Mühe
Arbeitsschritt 4/OTL Code:
OTL logfile created on: 26.04.2012 19:28:01 - Run 1
OTL by OldTimer - Version 3.2.42.1 Folder = C:\Users\Wilko\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,67% Memory free
6,22 Gb Paging File | 5,10 Gb Available in Paging File | 82,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,48 Gb Total Space | 673,17 Gb Free Space | 73,85% Space Free | Partition Type: NTFS
Drive D: | 20,01 Gb Total Space | 10,77 Gb Free Space | 53,81% Space Free | Partition Type: FAT32
Computer Name: WILKO-PC | User Name: Wilko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.04.26 19:25:43 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Wilko\Desktop\OTL.exe
PRC - [2012.04.26 12:58:59 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.03.07 19:05:44 | 000,918,880 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012.03.07 19:05:43 | 000,982,880 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
PRC - [2012.02.02 13:58:06 | 001,196,168 | ---- | M] (SPAMfighter) -- C:\Programme\Fighters\SPYWAREfighter\swproTray.exe
PRC - [2012.02.02 13:26:38 | 000,666,200 | ---- | M] (Preventon Technologies Limited) -- C:\Programme\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
PRC - [2012.02.02 13:26:38 | 000,204,760 | ---- | M] (Preventon Technologies Limited) -- C:\Programme\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
PRC - [2012.01.23 13:40:12 | 001,324,680 | ---- | M] (SPAMfighter ApS) -- C:\Programme\Fighters\FighterSuiteService.exe
PRC - [2012.01.18 17:36:46 | 001,452,680 | ---- | M] (SPAMfighter ApS) -- C:\Programme\Fighters\Tray\FightersTray.exe
PRC - [2011.06.28 23:03:07 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.05.21 06:01:00 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.05.21 06:01:00 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.03.28 16:15:17 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009.11.26 14:28:22 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2007.10.09 00:19:22 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.10.09 00:19:20 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
========== Modules (No Company Name) ==========
MOD - [2012.04.26 12:58:59 | 001,014,744 | ---- | M] () -- C:\Programme\Mozilla Firefox\js3250.dll
MOD - [2012.03.07 19:05:43 | 000,982,880 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
MOD - [2011.06.16 09:57:49 | 006,271,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.03.07 19:05:44 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012.02.02 13:26:38 | 000,666,200 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe -- (AV Engine Scanning Service)
SRV - [2012.02.02 13:26:38 | 000,204,760 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe -- (AV Watch Service)
SRV - [2012.01.23 13:40:12 | 001,324,680 | ---- | M] (SPAMfighter ApS) [Auto | Running] -- C:\Programme\Fighters\FighterSuiteService.exe -- (Suite Service)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.06.28 23:03:07 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.07 02:00:40 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.11.26 14:28:22 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.10.09 00:19:22 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2012.03.14 23:28:06 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2012.03.14 23:28:06 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2012.02.09 22:43:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.02.02 13:26:40 | 000,010,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avfsfilter.sys -- (AVFSFilter)
DRV - [2011.06.28 23:03:07 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 23:03:07 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.06.17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007.09.21 10:38:22 | 000,554,496 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2007.04.13 13:22:56 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&babsrc=SP_ss&mntrId=a2f009d3000000000000002421791008
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" =
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={F2E3B8DF-87A0-4600-A9DD-4A4533047630}&mid=19cc6e041dff47d19306d16d679df9fb-e8408699c5a580a42d9153b1ea19a2065cc8677d&lang=de&ds=tt014&pr=sa&d=2011-12-21 16:02:27&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\Plasmoo: "URL" = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?babsrc=HP_Prot"
FF - prefs.js..extensions.enabledItems: engine@plasmoo.com:1.0.0.32
FF - prefs.js..extensions.enabledItems: crossriderapp2258@crossrider.com:0.80.26
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.2.0
FF - prefs.js..extensions.enabledItems: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?affID=110819&babsrc=KW_ss&mntrId=a2f009d3000000000000002421791008&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012.04.25 14:06:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.26 12:59:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.26 12:59:06 | 000,000,000 | ---D | M]
[2010.03.18 14:12:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wilko\AppData\Roaming\mozilla\Extensions
[2012.04.26 19:18:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wilko\AppData\Roaming\mozilla\Firefox\Profiles\daafiv2v.default\extensions
[2012.04.25 14:16:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Wilko\AppData\Roaming\mozilla\Firefox\Profiles\daafiv2v.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.04.25 14:06:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wilko\AppData\Roaming\mozilla\Firefox\Profiles\daafiv2v.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2012.04.25 14:06:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wilko\AppData\Roaming\mozilla\Firefox\Profiles\daafiv2v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.04.25 14:06:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wilko\AppData\Roaming\mozilla\Firefox\Profiles\daafiv2v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012.04.26 09:02:01 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Wilko\AppData\Roaming\mozilla\Firefox\Profiles\daafiv2v.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2012.04.26 09:01:52 | 000,000,000 | ---D | M] ("I Want This") -- C:\Users\Wilko\AppData\Roaming\mozilla\Firefox\Profiles\daafiv2v.default\extensions\crossriderapp2258@crossrider.com
[2011.06.24 20:23:21 | 000,000,000 | ---D | M] (Plasmoo Search Engine) -- C:\Users\Wilko\AppData\Roaming\mozilla\Firefox\Profiles\daafiv2v.default\extensions\engine@plasmoo.com
[2012.04.26 09:00:58 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Wilko\AppData\Roaming\mozilla\Firefox\Profiles\daafiv2v.default\extensions\ffxtlbr@babylon.com
[2012.04.25 12:29:38 | 000,001,975 | ---- | M] () -- C:\Users\Wilko\AppData\Roaming\Mozilla\Firefox\Profiles\daafiv2v.default\searchplugins\locked-plasmoo.xml.mmww
[2011.04.28 19:42:58 | 000,001,975 | ---- | M] () -- C:\Users\Wilko\AppData\Roaming\Mozilla\Firefox\Profiles\daafiv2v.default\searchplugins\plasmoo.xml
[2010.03.18 14:12:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.26 12:59:02 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.26 12:59:02 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.26 12:59:02 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.26 12:59:02 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {326E768D-4182-46FD-9C16-1449A49795F4} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Programme\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CommonToolkitTray] C:\Programme\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SWPROguard] C:\Programme\Fighters\SPYWAREfighter\swproTray.exe (SPAMfighter)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Wilko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Wilko\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E86B437-C739-441A-8278-65540A0B6C17}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.04.26 23:30:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.04.26 23:30:44 | 000,000,000 | ---D | C] -- \_OTL
[2012.04.26 19:25:41 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Wilko\Desktop\OTL.exe
[2012.04.26 09:14:28 | 000,000,000 | ---D | C] -- C:\Users\Wilko\AppData\Roaming\Malwarebytes
[2012.04.26 09:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.04.26 09:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.04.26 09:14:14 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.26 09:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.04.26 09:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\DealPly
[2012.04.26 09:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator
[2012.04.26 09:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\GPLGS
[2012.04.26 09:00:59 | 000,000,000 | ---D | C] -- C:\Program1
[2012.04.26 09:00:59 | 000,000,000 | ---D | C] -- \Program1
[2012.04.26 09:00:58 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2012.04.26 09:00:40 | 000,000,000 | ---D | C] -- C:\Users\Wilko\AppData\Roaming\Babylon
[2012.04.26 09:00:40 | 000,000,000 | ---D | C] -- C:\Users\Wilko\AppData\Local\Babylon
[2012.04.26 09:00:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.04.25 15:12:39 | 000,000,000 | ---D | C] -- C:\ProgramData\clp
[2012.04.25 15:12:30 | 000,000,000 | ---D | C] -- C:\Users\Wilko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fighters
[2012.04.25 15:12:30 | 000,000,000 | ---D | C] -- C:\Users\Wilko\AppData\Roaming\Fighters
[2012.04.25 15:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Common Toolkit Suite
[2012.04.25 15:12:02 | 000,000,000 | ---D | C] -- C:\Program Files\Fighters
[2012.04.25 15:11:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite
[2012.04.25 15:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2012.04.25 14:20:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.04.25 12:24:45 | 000,000,000 | ---D | C] -- C:\Users\Wilko\AppData\Roaming\Realtec
[2012.04.12 00:19:08 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.12 00:19:07 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.04.12 00:19:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.12 00:19:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.04.12 00:19:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.12 00:19:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.04.12 00:17:37 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.04.12 00:17:37 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
========== Files - Modified Within 30 Days ==========
[2012.04.26 19:25:43 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Wilko\Desktop\OTL.exe
[2012.04.26 19:20:11 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.26 19:20:11 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.26 19:20:11 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.26 19:20:11 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.26 19:15:43 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2012.04.26 19:15:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.26 19:15:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.26 19:15:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.26 17:35:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.04.26 09:14:17 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.26 09:10:17 | 000,000,711 | ---- | M] () -- C:\user.js
[2012.04.25 15:12:30 | 000,001,931 | ---- | M] () -- C:\Users\Wilko\Desktop\SPYWAREfighter.lnk
[2012.04.25 14:20:32 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.04.25 14:18:00 | 003,077,764 | ---- | M] () -- C:\Users\Wilko\Desktop\MD001764.JPG
[2012.04.25 12:29:49 | 021,073,936 | ---- | M] () -- C:\Users\Wilko\Documents\locked-vlc-1.1.11-win32.exe.pppw
[2012.04.25 12:29:49 | 020,533,281 | ---- | M] () -- C:\Users\Wilko\Documents\locked-vlc-1.1.9-win32.exe.nnnb
[2012.04.25 12:29:49 | 000,000,348 | ---- | M] () -- C:\Users\Wilko\Documents\locked-test.fdb.aaee
[2012.04.25 12:29:48 | 899,012,795 | ---- | M] () -- C:\Users\Wilko\Documents\locked-ADBEPHSPCS4_LS4.7z.nnni
[2012.04.25 12:29:48 | 001,228,240 | ---- | M] () -- C:\Users\Wilko\Documents\locked-ADBEPHSPCS4_LS4.exe.jjnn
[2012.04.25 12:29:38 | 000,975,140 | ---- | M] () -- C:\Users\Wilko\AppData\Roaming\locked-PandaIDProtectHelp_de.chm.eeaa
[2012.04.25 12:28:28 | 000,005,199 | ---- | M] () -- C:\Users\Wilko\locked-.recently-used.xbel.kwpp
[2012.04.25 12:28:28 | 000,001,024 | ---- | M] () -- C:\Users\Wilko\locked-.rnd.lllr
[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
========== Files Created - No Company Name ==========
[2012.04.26 09:14:17 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.26 09:01:00 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll
[2012.04.26 09:00:59 | 000,000,711 | ---- | C] () -- C:\user.js
[2012.04.26 09:00:59 | 000,000,711 | ---- | C] () -- \user.js
[2012.04.25 21:16:40 | 003,077,764 | ---- | C] () -- C:\Users\Wilko\Desktop\MD001764.JPG
[2012.04.25 15:12:30 | 000,001,931 | ---- | C] () -- C:\Users\Wilko\Desktop\SPYWAREfighter.lnk
[2012.04.25 14:20:32 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.14 23:28:06 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2012.03.14 23:28:06 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2012.02.02 13:26:40 | 000,010,264 | ---- | C] () -- C:\Windows\System32\drivers\avfsfilter.sys
[2011.06.24 21:01:43 | 000,000,000 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.01.23 17:59:59 | 000,975,140 | ---- | C] () -- C:\Users\Wilko\AppData\Roaming\locked-PandaIDProtectHelp_de.chm.eeaa
[2010.09.05 10:50:28 | 000,000,000 | ---- | C] () -- C:\Users\Wilko\AppData\Roaming\wklnhst.dat
========== LOP Check ==========
[2009.08.16 15:20:02 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\Acreon
[2012.04.26 09:00:40 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\Babylon
[2012.04.25 12:29:09 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.04.25 15:12:41 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\Fighters
[2012.04.25 12:29:09 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\FRITZ!
[2010.09.19 17:16:30 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\gtk-2.0
[2010.12.28 00:09:16 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\Local
[2012.04.25 14:06:16 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\MobMapUpdater
[2012.04.25 14:06:16 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\RIFT
[2012.04.25 12:29:38 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\SurfSecret Privacy Suite
[2012.04.25 14:35:48 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\TS3Client
[2011.11.18 13:24:14 | 000,000,000 | ---D | M] -- C:\Users\Wilko\AppData\Roaming\TuneUp Software
[2012.04.26 19:15:43 | 000,000,522 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job
[2012.04.26 17:35:38 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Arbeitsschritt 4/Extras Code:
OTL Extras logfile created on: 26.04.2012 19:28:01 - Run 1
OTL by OldTimer - Version 3.2.42.1 Folder = C:\Users\Wilko\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,67% Memory free
6,22 Gb Paging File | 5,10 Gb Available in Paging File | 82,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,48 Gb Total Space | 673,17 Gb Free Space | 73,85% Space Free | Partition Type: NTFS
Drive D: | 20,01 Gb Total Space | 10,77 Gb Free Space | 53,81% Space Free | Partition Type: FAT32
Computer Name: WILKO-PC | User Name: Wilko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [scan_with_SPYWAREfighter] -- C:\Program Files\Fighters\SPYWAREfighter\swproTray.exe /scan "%1" (SPAMfighter)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0576484B-CFDF-4578-938E-BA37897346F9}" = rport=445 | protocol=6 | dir=out | app=system |
"{0FD94D0D-A4DF-4168-AE74-D22A00E48FA4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2681CE1A-C4D6-471B-B5B7-0894CAC6DB53}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{26C1D7EA-940A-4124-9E6E-5CB7C909047F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{559BBAC4-D482-4A7A-B6D6-4C3B00B0F17A}" = rport=138 | protocol=17 | dir=out | app=system |
"{65525969-717A-44D4-AE69-ADA9B6573838}" = lport=137 | protocol=17 | dir=in | app=system |
"{90F842E7-65A8-420D-838F-6C99FCEB45FF}" = lport=139 | protocol=6 | dir=in | app=system |
"{925EB8A1-F219-45F4-BBF2-26F589EB34B9}" = rport=137 | protocol=17 | dir=out | app=system |
"{C2533CE6-01EE-4C29-B674-2259A26F5F5B}" = lport=138 | protocol=17 | dir=in | app=system |
"{D1E2B418-1654-499F-AF12-C8A2FFCB0D5F}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{DE025F95-B9B6-4380-B434-D8590FF9CE20}" = lport=445 | protocol=6 | dir=in | app=system |
"{F2FB3BB9-213F-4295-AE0F-75AB1A5C0AF4}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02AB6182-D21C-4BBF-9909-7E0E4B416CFB}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft public test\launcher.exe |
"{294D2D70-8E03-43F0-BF94-1BEA03D83C14}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2D7ED276-8504-4DFB-BE11-F58CBA20A4A0}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{39E6641B-70BA-41F4-B317-4DDE9D5341CE}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{4CE0D565-E626-4D6F-BB0E-887FF92BEA05}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft public test\launcher.exe |
"{5327DE85-2141-4473-8B13-DC851EA37CBC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{59583D79-806A-4852-B716-E12C7C0B35B8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F2079AF-FC02-4D10-B544-33B3CEB7C030}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\fboxupd.exe |
"{6747681A-80FD-456C-86BB-252E671571CA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{68320C18-5129-4CAF-B925-E20B2D3169FF}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{6C3FDFDF-9EF2-4693-B13A-7BE49248DFE7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6FF565E2-1756-463F-B5EB-9C2CC85DA4B2}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{736F6E3D-F158-4451-B0A4-17BC2E176E8D}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{7C1F5820-76BE-4824-8D80-FCF846369930}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{8390C588-0905-4B22-BDA9-486A0B88CEE6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8AF6042F-44E6-4CF4-AA02-571EA07B79A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9067DCC7-1091-4812-9544-E07E05B880E9}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\igdctrl.exe |
"{92930DC7-B3A4-4052-861B-904A2444B657}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\fboxupd.exe |
"{9399F18A-F449-4691-B8B5-02CD6814BD2F}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{946BC3A3-0A7C-45FA-8345-13900A4DBE6E}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\webwaigd.exe |
"{A38FE3B4-EAA4-4FDF-A1B1-A91AB7A940C9}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-dede-ptr-downloader.exe |
"{A45BC1A1-BC30-4DDB-9597-A7ED7C83E19C}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{B52F6506-9B41-4120-8860-40CEE06BA907}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{B7285437-C0A4-4FE3-A4ED-23A4FAA7BEBB}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\igdctrl.exe |
"{BD0D44AC-C225-44AC-A669-DB927626DDBF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C1F1BB38-1BD3-4DA0-A838-C27DF1E92AB1}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-dede-ptr-downloader.exe |
"{CC590FEC-8E46-4B5F-8B3F-46F6B419E138}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{D6C8855E-A738-49F0-9E5A-355DDF448582}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\webwaigd.exe |
"{E1E217FA-3A0E-4508-8897-8E5591D01053}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E510A1C7-1EB3-4B1B-927B-24BFF6F1D89B}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{FFC3EB0B-B88A-4AC0-8F85-E76D8F068EB6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{036B3229-B927-4A26-BF9A-ABD2D2A451E5}C:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe |
"TCP Query User{04F528B8-A11B-4A6E-AE0E-45516BD15A52}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe |
"TCP Query User{0BB4E001-2EB2-49B5-8B92-9D5DA1374436}C:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe |
"TCP Query User{0C76E885-CDAE-443B-9889-411D4116086A}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe |
"TCP Query User{21B2A59F-0872-46D7-84CE-997BEE7019DB}C:\users\public\games\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\repair.exe |
"TCP Query User{31241318-CDA1-4E48-A08D-B94FD1203220}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"TCP Query User{47BE296B-AECB-4927-9262-5A248B15F6A9}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
"TCP Query User{59D4DEAF-F870-422D-A35A-0F05340EE54D}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe |
"TCP Query User{6BE3C736-280E-44F3-BB47-1B54934921E7}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"TCP Query User{7CA71000-EEFC-4B6A-9C4A-ED8F4521DE7C}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe |
"TCP Query User{7D330FEB-F041-4757-86AD-C8127BC0F0D8}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe |
"TCP Query User{7E6D6AD4-8853-4479-9A99-606C36F3815D}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"TCP Query User{E6ACB204-84F8-466D-AB9E-92971061F8AB}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{F83FF41E-ABE2-40DE-AACD-458C3B02869F}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"UDP Query User{0C8BCE82-801F-4872-8F4E-0CD039BA8FCC}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{34AB392B-DFB6-4973-BFBD-00BC3DBEF053}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe |
"UDP Query User{3F2DD4BB-371E-4107-ABE0-90D4EFFC330E}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe |
"UDP Query User{4B87675B-29B4-4E8F-8C3B-A7AD897C31EE}C:\users\public\games\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\repair.exe |
"UDP Query User{56697D47-352C-4989-A8BA-A8E67D12FB3A}C:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe |
"UDP Query User{5A6B024F-7BA7-4629-A927-0A8C1831590C}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe |
"UDP Query User{5B7444B1-6D08-4561-99FA-C6C3C8DDE5DE}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{6DA3A4F2-EFDB-44B7-95D9-6821242FB8E1}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{6E16473C-0D40-4466-9ABB-F41DFBDA1401}C:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe |
"UDP Query User{8CB7A0DA-6CC0-486C-897A-AF4C17BC963F}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe |
"UDP Query User{9766B614-0D24-4B0C-B1AA-D17AB31141F1}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe |
"UDP Query User{E50789E4-BB9A-47F0-8779-7839BE9AC599}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"UDP Query User{EDA0633E-6733-49EC-AF9B-B5E7A22A5B3B}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"UDP Query User{F188E26F-F376-4D92-93EF-029298BB8989}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.12.0
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4D182C-35C7-4791-8484-4304EBC9101A}" = Windows 7 Upgrade Advisor
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B108EF72-A5F3-4C9E-AA47-3E8474D1B5A2}" = Fighters
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG Secure Search" = AVG Security Toolbar
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DealPly" = DealPly
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28)
"PDF Creator" = PDF Creator
"PROSetDX" = Intel(R) PRO Network Connections 12.1.12.0
"SPYWAREfighter" = SPYWAREfighter
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"World of Warcraft Public Test" = World of Warcraft Public Test
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 27.10.2011 10:08:56 | Computer Name = Wilko-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 28.10.2011 05:00:56 | Computer Name = Wilko-PC | Source = WinMgmt | ID = 10
Description =
Error - 28.10.2011 05:01:09 | Computer Name = Wilko-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 28.10.2011 05:01:09 | Computer Name = Wilko-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 28.10.2011 11:16:47 | Computer Name = Wilko-PC | Source = WinMgmt | ID = 10
Description =
Error - 28.10.2011 11:16:59 | Computer Name = Wilko-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 28.10.2011 11:16:59 | Computer Name = Wilko-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 29.10.2011 04:21:06 | Computer Name = Wilko-PC | Source = WinMgmt | ID = 10
Description =
Error - 29.10.2011 04:21:26 | Computer Name = Wilko-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 29.10.2011 04:21:26 | Computer Name = Wilko-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ System Events ]
Error - 26.04.2012 02:48:46 | Computer Name = Wilko-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 26.04.2012 02:48:56 | Computer Name = Wilko-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 26.04.2012 05:20:18 | Computer Name = Wilko-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 26.04.2012 05:20:27 | Computer Name = Wilko-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 26.04.2012 06:57:42 | Computer Name = Wilko-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 26.04.2012 06:57:51 | Computer Name = Wilko-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 26.04.2012 11:34:12 | Computer Name = Wilko-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 26.04.2012 11:34:12 | Computer Name = Wilko-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 26.04.2012 13:15:54 | Computer Name = Wilko-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 26.04.2012 13:15:54 | Computer Name = Wilko-PC | Source = Service Control Manager | ID = 7026
Description =
[ TuneUp Events ]
Error - 21.12.2011 11:00:06 | Computer Name = Wilko-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 21.12.2011 15:24:38 | Computer Name = Wilko-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 22.12.2011 04:54:20 | Computer Name = Wilko-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 22.12.2011 11:29:35 | Computer Name = Wilko-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 23.12.2011 04:14:21 | Computer Name = Wilko-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 23.12.2011 12:10:55 | Computer Name = Wilko-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 25.12.2011 06:31:00 | Computer Name = Wilko-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 26.04.2012 03:14:31 | Computer Name = Wilko-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-26 09:14:31', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2204',0)
Error - 26.04.2012 03:15:11 | Computer Name = Wilko-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-26 09:15:11', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2380',0)
Error - 26.04.2012 04:14:37 | Computer Name = Wilko-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-26 10:14:37', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','3608',0)
< End of report >
Vielen Dank
Arbeitsschritt 5/meine Programme Code:
Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 24.07.2009 14,0MB
Adobe AIR Adobe Systems Inc. 02.10.2009 1.1.0.5790
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 28.05.2011 10.3.181.14
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 15.06.2011 2,95MB 10.3.181.26
Adobe Reader 9.4.5 - Deutsch Adobe Systems Incorporated 15.06.2011 167,4MB 9.4.5
Adobe Shockwave Player 11.5 Adobe Systems, Inc. 15.12.2010 8,95MB 11.5.9.615
AVG Security Toolbar AVG Technologies 06.03.2012 10,00MB 10.2.0.3
Avira AntiVir Personal - Free Antivirus Avira GmbH 13.02.2012 73,0MB 10.2.0.707
CCleaner Piriform 24.04.2012 4,46MB 3.17
Compatibility Pack für 2007 Office System Microsoft Corporation 19.03.2012 70,6MB 12.0.6612.1000
Curse Client Curse 20.02.2012 4.0.1.180
DealPly DealPly 25.04.2012 0,46MB
Intel(R) Matrix Storage Manager 24.07.2009 3,77MB
Intel(R) PRO Network Connections 12.1.12.0 Intel 23.06.2009 8,21MB
Java(TM) 6 Update 14 Sun Microsystems, Inc. 23.06.2009 97,5MB 6.0.140
Malwarebytes Anti-Malware Version 1.61.0.1400 Malwarebytes Corporation 25.04.2012 11,7MB 1.61.0.1400
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 23.06.2009 37,6MB
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 23.06.2009 37,6MB
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 25.06.2010 120,3MB 4.0.30319
Microsoft Office File Validation Add-In Microsoft Corporation 15.09.2011 7,95MB 14.0.5130.5003
Microsoft Office Home and Student 2007 Microsoft Corporation 20.03.2012 320MB 12.0.6612.1000
Microsoft Office Live Add-in 1.3 Microsoft Corporation 23.06.2009 0,48MB 2.0.2313.0
Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 19.03.2012 62,2MB 12.0.6612.1000
Microsoft Silverlight Microsoft Corporation 14.02.2012 25,9MB 4.1.10111.0
Microsoft SQL Server 2005 Compact Edition [DEU] Microsoft Corporation 23.06.2009 0,32MB 3.1.0000
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 23.06.2009 1,74MB 3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 05.09.2010 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 16.06.2011 0,29MB 8.0.61001
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 05.09.2010 0,19MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 11.04.2011 0,58MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 30.06.2011 1,41MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 24.07.2009 0,58MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 16.06.2011 0,58MB 9.0.30729.6161
Microsoft Works Microsoft Corporation 11.04.2012 711MB 9.7.0621
Mozilla Firefox (3.6.28) Mozilla 25.04.2012 28,3MB 3.6.28 (de)
MSXML 4.0 SP2 (KB936181) Microsoft Corporation 23.06.2009 1,28MB 4.20.9848.0
MSXML 4.0 SP2 (KB941833) Microsoft Corporation 23.06.2009 1,28MB 4.20.9849.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 23.06.2009 1,29MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 25.11.2009 1,35MB 4.20.9876.0
NVIDIA Grafiktreiber 275.33 NVIDIA Corporation 18.07.2011 89,7MB 275.33
NVIDIA PhysX-Systemsoftware 9.10.0514 NVIDIA Corporation 06.01.2011 73,3MB 9.10.0514
NVIDIA Update 1.3.5 NVIDIA Corporation 18.07.2011 6,37MB 1.3.5
PDF Creator 25.04.2012
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 23.06.2009 9,79MB 6.0.1.5783
Spelling Dictionaries Support For Adobe Reader 9 Adobe Systems Incorporated 20.01.2011 29,7MB 9.0.0
Spybot - Search & Destroy Safer Networking Limited 16.01.2010 59,9MB 1.6.2
SPYWAREfighter SPAMFIGHTER ApS 24.04.2012 17,3MB 4.1.133
TeamSpeak 3 Client TeamSpeak Systems GmbH 26.01.2010 27,9MB
TuneUp Utilities 2009 TuneUp Software 25.11.2009 47,0MB 8.0.3310.3
VLC media player 1.1.11 VideoLAN 23.08.2011 78,1MB 1.1.11
Windows 7 Upgrade Advisor Microsoft Corporation 02.01.2010 8,77MB 2.0.5000.0
Windows Live Anmelde-Assistent Microsoft Corporation 23.06.2009 1,93MB 5.000.818.6
Windows Live Essentials Microsoft Corporation 23.06.2009 136,5MB 14.0.8050.1202
Windows Live Sync Microsoft Corporation 23.06.2009 2,80MB 14.0.8050.1202
Windows Live-Uploadtool Microsoft Corporation 23.06.2009 0,22MB 14.0.8014.1029
WinRAR 24.07.2009 3,73MB
World of Warcraft Blizzard Entertainment 28.02.2012 29.377MB 4.3.3.15354
World of Warcraft Public Test Blizzard Entertainment 16.01.2011 12.762MB 0.0.0.0 |