Ich habe versehentlich die Logfiles als ZIP Datei angehängt....
man soll es ja wohl als Text in den Thread einfügen.
OTL Logfile:OTL Logfile: Code:
OTL logfile created on: 27.06.2012 02:13:54 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\rudolphnaomi
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,86 Gb Total Physical Memory | 3,13 Gb Available Physical Memory | 53,50% Memory free
11,71 Gb Paging File | 8,89 Gb Available in Paging File | 75,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 291,43 Gb Total Space | 207,60 Gb Free Space | 71,24% Space Free | Partition Type: NTFS
Drive F: | 289,64 Gb Total Space | 67,69 Gb Free Space | 23,37% Space Free | Partition Type: NTFS
Drive H: | 1397,26 Gb Total Space | 1009,80 Gb Free Space | 72,27% Space Free | Partition Type: NTFS
Drive I: | 931,51 Gb Total Space | 120,47 Gb Free Space | 12,93% Space Free | Partition Type: NTFS
Computer Name: RUDOLPHNAOMI-PC | User Name: rudolphnaomi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.27 01:57:47 | 000,302,592 | ---- | M] () -- C:\Users\rudolphnaomi\ffr6qkw0.exe
PRC - [2012.06.27 01:56:15 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\rudolphnaomi\OTL.exe
PRC - [2012.06.19 15:38:29 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Users\rudolphnaomi\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Users\rudolphnaomi\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Users\rudolphnaomi\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.01.17 21:18:44 | 000,232,616 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2012.01.04 20:20:50 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.02.24 06:54:40 | 001,078,352 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011.02.24 06:54:40 | 000,347,216 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.02.24 06:54:40 | 000,332,368 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.02.01 23:24:42 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 23:24:40 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.12.29 14:56:22 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
PRC - [2010.12.29 14:56:18 | 000,181,632 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
PRC - [2010.12.12 15:58:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010.12.09 22:25:22 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
PRC - [2010.12.07 14:48:44 | 000,701,736 | ---- | M] (CyberLink Corporation.) -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
PRC - [2010.11.23 16:08:02 | 003,507,592 | ---- | M] (MARKEMENT) -- C:\Users\rudolphnaomi\PCSUITE DEFRAG\pcsuitedefragsvc.exe
PRC - [2010.11.23 09:33:20 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010.11.12 03:21:52 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.11.12 03:21:36 | 000,296,768 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010.10.27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.09.28 05:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2010.09.18 02:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010.09.18 02:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.09.14 04:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.14 04:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.08.25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.08.02 21:13:12 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2010.05.08 13:48:36 | 000,229,376 | ---- | M] () -- C:\ProgramData\DataCardService\DCService.exe
PRC - [2010.05.08 13:48:26 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DataCardService\DCSHelper.exe
PRC - [2010.04.27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.01.29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009.06.03 13:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.27 01:57:47 | 000,302,592 | ---- | M] () -- C:\Users\rudolphnaomi\ffr6qkw0.exe
MOD - [2012.06.19 15:38:28 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.06.14 19:13:46 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.06.14 19:13:27 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.14 12:32:48 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll
MOD - [2012.06.14 12:28:34 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.05.11 19:21:39 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll
MOD - [2012.05.11 01:23:17 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.11 01:22:42 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.11 01:22:37 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.11 01:22:35 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.11 01:22:34 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.11 01:22:29 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.04.15 06:26:25 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.12.29 14:56:18 | 000,181,632 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
MOD - [2010.12.29 14:56:16 | 000,210,312 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.12 03:22:22 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2010.02.09 11:52:34 | 033,744,168 | ---- | M] () -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\Res.dll
MOD - [2009.06.03 13:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 13:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.06.26 23:06:01 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.19 15:38:28 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Users\rudolphnaomi\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.04.14 20:57:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.02.24 06:54:40 | 000,347,216 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.02.01 23:24:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011.02.01 23:24:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2011.01.06 15:32:14 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.12.12 15:58:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.11.23 18:33:22 | 000,240,112 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010.11.23 16:08:02 | 003,507,592 | ---- | M] (MARKEMENT) [Auto | Running] -- C:\Users\rudolphnaomi\PCSUITE DEFRAG\pcsuitedefragsvc.exe -- (PCSUITEDFRGSVC)
SRV - [2010.11.12 03:21:52 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.10.08 02:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R)
SRV - [2010.09.28 04:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.14 04:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.06.02 01:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.05.08 13:48:36 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DataCardService\DCService.exe -- (DCService.exe)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.22 15:32:05 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011.02.22 15:32:05 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011.02.22 15:32:05 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011.01.27 18:57:14 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.01.20 18:15:30 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2011.01.20 18:15:28 | 000,067,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2011.01.19 20:28:26 | 000,052,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2011.01.17 15:56:14 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2011.01.13 18:22:24 | 000,085,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2010.12.12 15:58:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.09 12:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.15 10:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.10.08 02:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.09.30 07:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.09.30 07:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.09.14 04:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.07.29 15:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.07.15 19:11:54 | 000,024,560 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLBStor.sys -- (CLBStor)
DRV:64bit: - [2010.07.15 19:11:52 | 000,377,840 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\CLBUDF.sys -- (CLBUDF)
DRV:64bit: - [2010.07.09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010.04.20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010.04.09 15:24:32 | 000,076,288 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010.04.07 17:05:00 | 000,250,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010.03.25 10:08:46 | 000,120,704 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.03.20 11:56:56 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Acer | MSN
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Acer | MSN
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=111304&babsrc=SP_ss&mntrId=8c22f5f7000000000000000000000000
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://blekko.com/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb&u=2012040122B8418182128725BF352EFF&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box_fs
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/firefox"
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=414&sr=0&q="
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.19 15:38:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.11 23:11:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.22 19:03:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.19 15:38:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.11 23:11:10 | 000,000,000 | ---D | M]
[2012.02.08 06:01:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Extensions
[2011.05.08 17:01:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.06.07 21:56:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Firefox\Profiles\fayoap6x.default\extensions
[2012.04.01 14:41:18 | 000,000,000 | ---D | M] (Spam Free Search Bar) -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Firefox\Profiles\fayoap6x.default\extensions\{00f12770-e60e-4dc6-9105-425bface7c73}
[2012.02.08 06:01:45 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Firefox\Profiles\fayoap6x.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012.06.06 17:39:35 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Firefox\Profiles\fayoap6x.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2012.03.25 15:44:03 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Firefox\Profiles\fayoap6x.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.04 21:47:47 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Firefox\Profiles\fayoap6x.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2012.06.07 21:56:10 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Firefox\Profiles\fayoap6x.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.02.19 18:54:21 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Firefox\Profiles\fayoap6x.default\extensions\engine@conduit.com
[2012.02.20 20:53:05 | 000,000,000 | ---D | M] ("VWC Cocoon") -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Firefox\Profiles\fayoap6x.default\extensions\firefox-support@vworldc.com
[2012.05.11 00:05:12 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\rudolphnaomi\AppData\Roaming\mozilla\Firefox\Profiles\fayoap6x.default\extensions\toolbar@ask.com
[2012.02.08 06:01:42 | 000,002,515 | ---- | M] () -- C:\Users\rudolphnaomi\AppData\Roaming\Mozilla\Firefox\Profiles\fayoap6x.default\searchplugins\Search_Results.xml
[2012.06.27 00:28:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.05.09 12:43:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.05.10 23:13:22 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
[2012.04.21 12:52:03 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\RUDOLPHNAOMI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FAYOAP6X.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.06.19 15:38:29 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.19 15:38:27 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.05.21 01:49:39 | 000,002,313 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.06.19 15:38:27 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.01 14:41:19 | 000,002,127 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\blekkotb.xml
[2012.06.19 15:38:27 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.19 15:38:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.08 06:01:42 | 000,002,515 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012.06.19 15:38:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.19 15:38:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&appid=0&systemid=414&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - Extension: YouTube = C:\Users\rudolphnaomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\rudolphnaomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Skype Click to Call = C:\Users\rudolphnaomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Google Mail = C:\Users\rudolphnaomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2012.06.27 00:03:05 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Updater For Spam Free Search Bar) - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll (Visicom Media)
O2 - BHO: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.5.21.0\bh\Softonic.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll ()
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [InstantBurn] C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Users\rudolphnaomi\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Philips Intelligent Agent] NOT_IN_USE_DUMMY_PATH File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Users\rudolphnaomi\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\rudolphnaomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\rudolphnaomi\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\rudolphnaomi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\rudolphnaomi\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\rudolphnaomi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E419700-F808-4C5E-9B64-986EDA6248F1}: NameServer = 193.189.244.206 193.189.244.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24633557-4505-4465-96FA-634A637F8389}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3201B939-259A-4598-98A8-0FA14BEC969F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4782D1AC-F6F1-4D8A-AC31-474F4D3352D7}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E3795CB-9102-4DD1-8360-FDEBE0D67FBA}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5035829A-AA92-4C1D-A69C-727D304EAB41}: NameServer = 193.189.244.206 193.189.244.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6541077F-7E3E-4ACA-B69B-5107E4F1FE9E}: NameServer = 193.189.244.225 193.189.244.206
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.01.19 10:47:05 | 000,008,192 | ---- | M] (Microsoft) - H:\AutoOff.exe -- [ NTFS ]
O32 - AutoRun File - [2012.01.19 10:47:05 | 000,000,076 | ---- | M] () - H:\autorun.unf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.27 01:56:11 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\rudolphnaomi\OTL.exe
[2012.06.27 01:31:41 | 000,000,000 | ---D | C] -- C:\Users\rudolphnaomi\AppData\Roaming\Malwarebytes
[2012.06.27 01:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.27 01:31:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.27 01:31:29 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.27 01:31:29 | 000,000,000 | ---D | C] -- C:\Users\rudolphnaomi\Malwarebytes' Anti-Malware
[2012.06.27 01:30:18 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\rudolphnaomi\malwarebytes_antimalware_1.61.exe
[2012.06.27 00:03:07 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.06.26 23:25:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.06.26 23:25:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.06.26 23:25:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.06.26 23:22:28 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.06.26 23:22:17 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.06.26 23:06:10 | 000,000,000 | ---D | C] -- C:\Users\rudolphnaomi\AppData\Local\Zattoo
[2012.06.26 23:04:51 | 000,000,000 | ---D | C] -- C:\Users\rudolphnaomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zattoo4
[2012.06.26 23:04:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zattoo4
[2012.06.26 23:04:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zattoo4
[2012.06.26 04:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MARKEMENT
[2012.06.26 04:59:47 | 000,000,000 | ---D | C] -- C:\Users\rudolphnaomi\PCSUITE DEFRAG
[2012.06.15 01:19:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink deutsch
[2012.06.15 01:19:37 | 000,000,000 | ---D | C] -- C:\Users\rudolphnaomi\DVD Shrink DE
[2012.06.15 01:16:56 | 000,000,000 | ---D | C] -- C:\Users\rudolphnaomi\AppData\Local\Macromedia
[2012.06.13 21:39:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2012.06.13 21:39:00 | 000,000,000 | ---D | C] -- C:\Users\rudolphnaomi\AppData\Roaming\Canon
[2012.06.13 21:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP270 series Benutzerregistrierung
[2012.06.13 21:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012.06.13 21:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012.06.13 21:34:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP270 series Manual
[2012.06.13 21:32:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012.06.07 22:00:38 | 000,000,000 | ---D | C] -- C:\Users\rudolphnaomi\Desktop\PictureConverter_5b8[2]
[2012.06.07 21:57:06 | 000,000,000 | ---D | C] -- C:\Users\rudolphnaomi\AppData\Local\PictureConverter
[2012.06.07 21:56:55 | 000,000,000 | ---D | C] -- C:\Users\rudolphnaomi\Tracing
[2012.04.14 03:56:07 | 031,784,856 | ---- | C] (IObit ) -- C:\Users\rudolphnaomi\asc52-setup.exe
[2012.03.25 15:42:50 | 024,319,064 | ---- | C] (DVDVideoSoft Ltd. ) -- C:\Users\rudolphnaomi\FreeYouTubeToMP3Converter_3.11.17.exe
[2012.03.18 11:58:28 | 008,697,544 | ---- | C] (Georgy Berdyshev) -- C:\Users\rudolphnaomi\CDex-win32-1.70-b4-2009.exe
[2012.03.16 12:27:30 | 003,559,856 | ---- | C] (Audiograbber Deutschland) -- C:\Users\rudolphnaomi\jTeqlNrdggxTsleTJdoeT
[2012.03.16 12:27:30 | 003,559,856 | ---- | C] (Audiograbber Deutschland) -- C:\Users\rudolphnaomi\agsetup183se.exe
[2012.03.13 11:40:05 | 005,183,896 | ---- | C] (Canneverbe Limited ) -- C:\Users\rudolphnaomi\cdbxp_setup_4.4.0.2971.exe
[2012.03.11 22:55:56 | 003,628,016 | ---- | C] (Piriform Ltd) -- C:\Users\rudolphnaomi\ccsetup316.exe
[2012.03.03 23:30:15 | 023,805,536 | ---- | C] (Any-Video-Converter.com ) -- C:\Users\rudolphnaomi\avc-free.exe
[2012.03.02 03:54:07 | 004,452,672 | ---- | C] (Systweak Inc ) -- C:\Users\rudolphnaomi\sysrc_trial_9407_german.exe
[2012.02.21 04:02:22 | 012,869,448 | ---- | C] (Nullsoft, Inc.) -- C:\Users\rudolphnaomi\winamp5623_full_emusic-7plus_de-de.exe
[2012.02.14 04:58:55 | 007,760,687 | ---- | C] (Boraxsoft) -- C:\Users\rudolphnaomi\AppData\Roaming\SetupGFD.exe
[2012.02.14 04:58:31 | 005,082,084 | ---- | C] (The Public) -- C:\Users\rudolphnaomi\AppData\Roaming\Avisynth.exe
[2012.02.08 06:09:25 | 015,641,312 | ---- | C] (Mozilla) -- C:\Users\rudolphnaomi\Firefox Setup 10.0.exe
[2012.02.08 06:00:23 | 000,437,128 | ---- | C] (Bandoo Media Inc) -- C:\Users\rudolphnaomi\Setup_FreeVideoConverter_3.1.0.0.exe
[2012.01.19 18:40:00 | 016,858,064 | ---- | C] (Mozilla) -- C:\Users\rudolphnaomi\Thunderbird Setup 9.0.1.exe
[2011.11.07 17:07:45 | 002,317,824 | ---- | C] (Ikysasoft s.r.l. uninominale ) -- C:\Users\rudolphnaomi\burn4free_setup.exe
[2011.10.28 23:10:38 | 006,944,360 | ---- | C] (MyPlayCity, Inc. ) -- C:\Users\rudolphnaomi\nfe_setup.exe
[2011.10.12 22:14:51 | 000,742,216 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\rudolphnaomi\install_reader10_de_gtba_aih.exe
[2011.09.16 07:52:52 | 016,456,080 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Program Files (x86)\FreeAudioConverter2.3.1.727.exe
[2011.08.10 03:06:28 | 003,211,616 | ---- | C] (Ghisler Software GmbH) -- C:\Program Files (x86)\tcmd750a.exe
[2011.07.21 18:10:06 | 010,917,440 | ---- | C] (Tech Soft GmbH ) -- C:\Users\rudolphnaomi\w32-461-de1.exe
[2011.05.11 00:03:30 | 000,536,640 | ---- | C] (NCH Software) -- C:\Program Files (x86)\burnsetup.exe
[2011.05.10 23:27:44 | 001,285,814 | ---- | C] (Crystal Rich, Ltd ) -- C:\Program Files (x86)\lockhuntersetup64.exe
[2011.05.10 22:06:02 | 002,155,832 | ---- | C] (Piriform Ltd) -- C:\Program Files (x86)\CCleaner.exe
[2011.05.08 17:18:14 | 000,598,086 | ---- | C] (DVD Shrink) -- C:\Program Files (x86)\DVD Shrink 3.2.exe
[2010.01.23 02:59:40 | 002,495,080 | ---- | C] (Amazon.com) -- C:\Users\rudolphnaomi\NjlGGtdffNGeneNuqo
[2010.01.23 02:59:40 | 002,495,080 | ---- | C] (Amazon.com) -- C:\Users\rudolphnaomi\AmazonMP3Downloader.exe
[2005.07.04 17:35:43 | 000,155,648 | ---- | C] (Illustrate) -- C:\Users\rudolphnaomi\WMA8Connect.dll
========== Files - Modified Within 30 Days ==========
[2012.06.27 02:21:26 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.27 02:08:54 | 000,000,000 | ---- | M] () -- C:\Users\rudolphnaomi\defogger_reenable
[2012.06.27 01:57:47 | 000,302,592 | ---- | M] () -- C:\Users\rudolphnaomi\ffr6qkw0.exe
[2012.06.27 01:56:15 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\rudolphnaomi\OTL.exe
[2012.06.27 01:52:57 | 000,050,477 | ---- | M] () -- C:\Users\rudolphnaomi\Defogger.exe
[2012.06.27 01:50:03 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.27 01:31:37 | 000,000,994 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.27 01:30:28 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\rudolphnaomi\malwarebytes_antimalware_1.61.exe
[2012.06.27 00:34:38 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.27 00:34:38 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.27 00:27:14 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.27 00:27:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.27 00:26:50 | 420,368,383 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.27 00:03:05 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.06.26 23:06:50 | 000,017,408 | ---- | M] () -- C:\Users\rudolphnaomi\AppData\Local\WebpageIcons.db
[2012.06.26 23:04:51 | 000,001,836 | ---- | M] () -- C:\Users\rudolphnaomi\Desktop\Zattoo.lnk
[2012.06.26 21:24:03 | 001,506,942 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.26 21:24:03 | 000,656,980 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.26 21:24:03 | 000,618,822 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.26 21:24:03 | 000,131,462 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.26 21:24:03 | 000,107,844 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.26 04:59:49 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\PCSUITE DEFRAG.lnk
[2012.06.26 04:56:15 | 000,000,032 | ---- | M] () -- C:\Windows\Menu.INI
[2012.06.24 17:55:43 | 000,181,760 | ---- | M] () -- C:\Users\rudolphnaomi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.15 01:19:38 | 000,000,933 | ---- | M] () -- C:\Users\rudolphnaomi\Desktop\DVD Shrink 3.2 deutsch (DeCSS-frei).lnk
[2012.06.14 19:12:08 | 000,381,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.13 21:36:40 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\Canon MP270 series Benutzerregistrierung.LNK
[2012.06.13 21:36:11 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012.06.13 21:36:00 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
[2012.06.13 21:35:11 | 000,002,063 | ---- | M] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 3.0.lnk
[2012.06.13 21:34:40 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2012.06.13 21:34:20 | 000,002,320 | ---- | M] () -- C:\Users\Public\Desktop\Canon MP270 series Online-Handbuch.lnk
[2012.06.12 01:51:25 | 000,002,348 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.06.12 01:18:37 | 000,000,898 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2012.06.07 22:00:00 | 000,608,780 | ---- | M] () -- C:\Users\rudolphnaomi\Desktop\PictureConverter_5b8[2].zip
[2012.06.07 21:58:58 | 000,608,780 | ---- | M] () -- C:\Users\rudolphnaomi\Desktop\PictureConverter_5b8[1].zip
[2012.06.07 21:54:40 | 000,608,780 | ---- | M] () -- C:\Users\rudolphnaomi\Desktop\PictureConverter_5b8.zip
========== Files Created - No Company Name ==========
[2012.06.27 02:08:54 | 000,000,000 | ---- | C] () -- C:\Users\rudolphnaomi\defogger_reenable
[2012.06.27 01:57:45 | 000,302,592 | ---- | C] () -- C:\Users\rudolphnaomi\ffr6qkw0.exe
[2012.06.27 01:52:47 | 000,050,477 | ---- | C] () -- C:\Users\rudolphnaomi\Defogger.exe
[2012.06.27 01:31:37 | 000,000,994 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.26 23:25:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.06.26 23:25:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.06.26 23:25:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.06.26 23:25:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.06.26 23:25:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.06.26 23:06:10 | 000,017,408 | ---- | C] () -- C:\Users\rudolphnaomi\AppData\Local\WebpageIcons.db
[2012.06.26 23:04:51 | 000,001,836 | ---- | C] () -- C:\Users\rudolphnaomi\Desktop\Zattoo.lnk
[2012.06.26 04:59:49 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\PCSUITE DEFRAG.lnk
[2012.06.25 19:24:19 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2012.06.15 01:19:38 | 000,000,933 | ---- | C] () -- C:\Users\rudolphnaomi\Desktop\DVD Shrink 3.2 deutsch (DeCSS-frei).lnk
[2012.06.13 21:36:40 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP270 series Benutzerregistrierung.LNK
[2012.06.13 21:36:11 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012.06.13 21:36:00 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
[2012.06.13 21:35:11 | 000,002,063 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 3.0.lnk
[2012.06.13 21:34:40 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2012.06.13 21:34:20 | 000,002,320 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP270 series Online-Handbuch.lnk
[2012.06.07 21:59:59 | 000,608,780 | ---- | C] () -- C:\Users\rudolphnaomi\Desktop\PictureConverter_5b8[2].zip
[2012.06.07 21:58:57 | 000,608,780 | ---- | C] () -- C:\Users\rudolphnaomi\Desktop\PictureConverter_5b8[1].zip
[2012.06.07 21:55:50 | 000,000,898 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2012.06.07 21:54:39 | 000,608,780 | ---- | C] () -- C:\Users\rudolphnaomi\Desktop\PictureConverter_5b8.zip
[2012.05.27 11:52:42 | 000,062,065 | ---- | C] () -- C:\Users\rudolphnaomi\ransom_file_unlocker.zip
[2012.05.02 05:29:18 | 000,007,613 | ---- | C] () -- C:\Users\rudolphnaomi\AppData\Local\Resmon.ResmonCfg
[2012.03.16 13:09:50 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.03.02 04:12:07 | 000,977,338 | ---- | C] () -- C:\Users\rudolphnaomi\EFRC2.8Setup.exe
[2012.02.20 20:27:01 | 000,439,766 | ---- | C] () -- C:\Users\rudolphnaomi\vwc_cocoon-1.17b.zip
[2012.02.14 04:59:45 | 000,034,936 | ---- | C] () -- C:\Windows\SysWow64\uninstHelixYUV.exe
[2012.02.14 04:58:47 | 005,243,208 | ---- | C] ( ) -- C:\Users\rudolphnaomi\AppData\Roaming\AvsP.exe
[2012.02.14 04:58:45 | 001,357,348 | ---- | C] () -- C:\Users\rudolphnaomi\AppData\Roaming\MatroskaSplitter.exe
[2012.02.06 12:09:05 | 000,192,834 | ---- | C] () -- C:\Users\rudolphnaomi\lame_enc.zip
[2011.11.03 20:44:36 | 000,000,000 | ---- | C] () -- C:\Users\rudolphnaomi\AppData\Local\{1ECBDDAC-0B1F-4E2B-A81D-694273CEE375}
[2011.09.19 01:22:26 | 043,872,586 | ---- | C] () -- C:\Program Files (x86)\setup-contenta-converter-en-premium.exe
[2011.08.10 02:45:37 | 002,012,681 | ---- | C] () -- C:\Program Files (x86)\Total-Commander-Setup.exe
[2011.07.22 18:11:34 | 000,181,760 | ---- | C] () -- C:\Users\rudolphnaomi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.25 03:33:45 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.06.21 23:11:30 | 001,529,464 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.11 16:59:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.10 23:12:51 | 000,802,113 | ---- | C] () -- C:\Program Files (x86)\Unlocker1.9.1.exe
[2011.05.10 22:06:02 | 000,112,640 | ---- | C] () -- C:\Program Files (x86)\ClearProg.exe
[2011.05.08 16:32:53 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.05.07 21:13:19 | 000,000,192 | ---- | C] () -- C:\Windows\winamp.ini
[2011.05.07 19:53:08 | 000,001,006 | ---- | C] () -- C:\Windows\WINCMD.INI
[2011.03.03 13:52:21 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.03.03 13:52:20 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.03.03 13:52:18 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2010.07.26 10:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.01.21 23:59:14 | 000,009,107 | ---- | C] () -- C:\Users\rudolphnaomi\Readme.html
[2005.07.04 17:35:43 | 001,309,668 | ---- | C] () -- C:\Users\rudolphnaomi\Line-In.pdf
[2005.07.04 17:35:43 | 000,044,863 | ---- | C] () -- C:\Users\rudolphnaomi\German.lng
[2005.07.04 17:35:43 | 000,043,771 | ---- | C] () -- C:\Users\rudolphnaomi\Italian.lng
[2005.07.04 17:35:43 | 000,042,533 | ---- | C] () -- C:\Users\rudolphnaomi\Spanish.lng
[2005.07.04 17:35:42 | 000,899,072 | ---- | C] () -- C:\Users\rudolphnaomi\audiograbber.exe
[2005.07.04 17:35:42 | 000,178,412 | ---- | C] () -- C:\Users\rudolphnaomi\Erste_Schritte.pdf
[2005.07.04 17:35:42 | 000,046,092 | ---- | C] () -- C:\Users\rudolphnaomi\French.lng
[2005.07.04 17:35:42 | 000,036,352 | ---- | C] () -- C:\Users\rudolphnaomi\GroJDynQxjGUQvEty
[2005.07.04 17:35:42 | 000,036,352 | ---- | C] () -- C:\Users\rudolphnaomi\ag12full.dll
[2005.07.04 17:35:42 | 000,004,788 | ---- | C] () -- C:\Users\rudolphnaomi\audiograbber.ini
[2005.07.04 17:35:42 | 000,000,760 | ---- | C] () -- C:\Users\rudolphnaomi\audiograbber.apr
[2005.07.04 17:35:42 | 000,000,386 | ---- | C] () -- C:\Users\rudolphnaomi\Auto.Nam
========== LOP Check ==========
[2012.03.18 03:35:07 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\Amazon
[2011.05.08 17:19:37 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\AnvSoft
[2012.02.19 18:54:35 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\Ashampoo
[2012.04.14 04:01:23 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\Azureus
[2012.05.21 01:49:37 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\Babylon
[2012.03.13 11:42:09 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\Canneverbe Limited
[2012.06.13 21:39:21 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\Canon
[2012.04.30 21:46:52 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\DVDVideoSoft
[2012.04.30 21:46:37 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.06.04 00:49:27 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\FreeVideoConverter
[2012.05.26 23:59:23 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\GHISLER
[2012.02.19 18:38:31 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\ImgBurn
[2012.04.14 03:57:37 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\IObit
[2011.05.10 23:34:14 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\LockHunter
[2012.02.21 04:04:05 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\OpenCandy
[2012.05.21 01:49:39 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\pdfforge
[2012.06.21 13:03:20 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\SoftGrid Client
[2011.07.20 15:54:19 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\Steinberg
[2012.03.14 16:08:24 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\Systweak
[2011.05.08 17:01:04 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\Thunderbird
[2011.06.21 23:12:07 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\TP
[2011.05.22 14:36:30 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\Win7codecs
[2011.09.04 14:45:00 | 000,000,000 | ---D | M] -- C:\Users\rudolphnaomi\AppData\Roaming\Windows Live Writer
[2012.05.11 19:14:36 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
< End of report >
--- --- ---
OTL Extras Logfile:OTL Logfile: Code:
OTL Extras logfile created on: 27.06.2012 02:13:54 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\rudolphnaomi
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,86 Gb Total Physical Memory | 3,13 Gb Available Physical Memory | 53,50% Memory free
11,71 Gb Paging File | 8,89 Gb Available in Paging File | 75,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 291,43 Gb Total Space | 207,60 Gb Free Space | 71,24% Space Free | Partition Type: NTFS
Drive F: | 289,64 Gb Total Space | 67,69 Gb Free Space | 23,37% Space Free | Partition Type: NTFS
Drive H: | 1397,26 Gb Total Space | 1009,80 Gb Free Space | 72,27% Space Free | Partition Type: NTFS
Drive I: | 931,51 Gb Total Space | 120,47 Gb Free Space | 12,93% Space Free | Partition Type: NTFS
Computer Name: RUDOLPHNAOMI-PC | User Name: rudolphnaomi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E49A57-B8A4-45D5-A945-E4400867719D}" = lport=139 | protocol=6 | dir=in | app=system |
"{05781BF1-7145-4B96-A6B8-5B4938FDBBCD}" = lport=137 | protocol=17 | dir=in | app=system |
"{0B8E9446-CFCC-4029-8C10-2EAF08A4E8D4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0E3E2E4B-3790-4377-A657-76D8C9E698C0}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{14263168-078C-4200-BB96-88E545AC485B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19CD6089-A2D6-4E81-950F-857051C19152}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D647CF2-983B-448C-905D-751D4AE14C1B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1EB602DD-A8AA-4CFC-A0CF-D1D9D322B3EE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{202CF650-1CCF-4C79-AD88-69A37D8C9C12}" = rport=138 | protocol=17 | dir=out | app=system |
"{275DACC4-432F-4463-9F7F-16B496CF94A8}" = lport=138 | protocol=17 | dir=in | app=system |
"{2E586FCA-B160-486E-AEEA-D897DFD5EF06}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3675F881-E516-4918-BA7A-CBFD18342B93}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3777C132-0E60-4D21-9539-FE86361F7CCD}" = lport=445 | protocol=6 | dir=in | app=system |
"{377FE476-9B87-4DB5-8ACD-411E196419DC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3DD9FBD3-7AB6-48EB-8D5F-F56D1992E93C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41051B35-BE11-477C-9613-C0BE95CD832A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{54E09037-6D26-4251-BDB5-7FA96A3638F9}" = rport=137 | protocol=17 | dir=out | app=system |
"{762D270B-CB2D-4AFE-919C-743F4145FE2A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7F8FC1EF-D7B1-4736-89A7-FD5779F80023}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8517BF42-6BD8-419F-80C0-B3B7332AB962}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{863269C3-7360-4A1E-B5A1-63ADD3D769EA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8F56454D-1539-4AD9-A75F-D514B466F371}" = rport=139 | protocol=6 | dir=out | app=system |
"{93961B81-4F83-4613-9DA8-D246174065E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9E1461EC-1C28-43F3-A78C-E852CCF47FB7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A5BA2914-E5B7-4A9F-85AD-1687754DBD25}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF6B6B48-C7D7-4493-9B11-6040AF6557B2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1DFBB19-C38E-4ADC-BB97-204928C373E1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C4E06369-6036-42BE-A2AC-C41FB8F6FF47}" = rport=445 | protocol=6 | dir=out | app=system |
"{E14D0236-92F8-4F22-809B-B0A96078FC5C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E9C120B4-D838-44AD-9C5B-BD79BFB66468}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F12B33FE-8AC4-422F-8445-B224189752DD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F16482A2-EE27-4F61-9D18-7CE866A0F320}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F9E0ACF3-BF76-46B2-9FC2-EFFBA5E16EFE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07570F04-8D57-4A9A-80D8-11664A0E7C92}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{107F1BBA-4727-4CD4-ADE3-42CFC7FA9A59}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{1624D4A0-9A3C-4EB6-BD09-16B8F01C1D67}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{16EC866E-8FB7-457F-B93B-0CB92CB87C0B}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{1B642864-1EFB-4402-B4D5-B6AFC01B6003}" = protocol=6 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{263EB66D-2688-4737-981D-15C29B24AE21}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{380303DC-3C55-4416-B3BC-30D7BCF3C9A3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4305411A-4170-4C66-BDED-D2E0C642B99A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4735F356-74C4-4ADD-8982-F08A018619B9}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{53DE5331-B097-467F-A634-4CDE795EAB57}" = protocol=6 | dir=out | app=system |
"{59D43692-7F6F-4A38-BDC2-19418C64A2CE}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{5E630E81-85A5-43BE-AD85-3234B0DA22B7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5EDF3F5D-FCEE-4F0F-A299-4A66E7A47BEC}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\.\kernel\clml\clmlsvc.exe |
"{642266CE-9E77-4B18-AE39-5FD9B8AA7C96}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{73899609-9115-47FB-956F-38AD5DD2DFE3}" = protocol=17 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{79B25C61-3F96-458A-8105-3BF943E0BBB2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7D554447-0FB0-4241-B54D-BF2BFFF661F0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8642292C-861C-4C71-B94F-AAA731A7D7CA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{86578219-51BD-4EDE-A4E0-2087DB9432E9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{89D50865-28F2-40FC-BFA6-C184809CD9B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8CC71A8C-5518-4FF1-A085-08C586BC5DDB}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8E8C3997-B551-40CE-8B2B-36DCB41553B8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{962EB965-70FB-460A-9AF5-431B42F5EF7A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{96F2C991-FB87-480C-93B2-04938B541C07}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe |
"{9B261859-6D77-4A5D-B863-5E240A656AF2}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe |
"{B16A5723-A7DC-4713-8D2D-9D04B657E8DA}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\.\kernel\dmr\dmrengine.exe |
"{BDABD2E8-FC35-4CC4-91FF-AB46D748BF93}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7E23695-5022-4E6F-9C5C-8B938C71AB22}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CFEDB381-DC07-41D9-B8A4-1D3248E0E442}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D380376E-6556-4291-BD89-6EEEE29CAD29}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\.\kernel\dmr\dmrengine.exe |
"{D44439E5-2E34-473E-9A46-363C35F17DF6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E567E578-12B0-49C6-841B-608A538F05D7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E59A3FF3-2CC6-40EA-AEC2-D0612F3707C2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EE48DBC0-239C-424C-970B-87FB1B3DB9D2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F188C8F2-C190-462B-B23F-EDED9A4FCF37}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4C0887E-E425-49B0-B743-556FA4D592AD}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\.\kernel\dmr\dmrengine.exe |
"{F8F5642F-1A24-4463-BCBF-6B4E8C40741F}" = protocol=58 | dir=in | app=system |
"{FD1C0E21-85D4-47E8-92A6-93D440BB0D08}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"TCP Query User{6629785E-0152-4B3C-BE9F-4D54CA56EDF8}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{A9B9B64C-72D3-4B68-903B-EE5256C8FF25}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series" = Canon MP270 series MP Drivers
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"LockHunter_is1" = LockHunter version 1.0 beta 3, 64 bit edition
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client
"{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaEspresso
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7020FC34-6E04-4858-924D-354B28CB2402}_is1" = Luminance HDR 2.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.1 MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = clear.fi
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C9F0B814-4CBE-4DE2-83B2-C0D770CF9CA6}" = ArcSoft MediaImpression
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Foto Premium 9
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"Any Video Converter_is1" = Any Video Converter 3.3.5
"Audiograbber" = Audiograbber 1.83 SE
"AviSynth" = AviSynth 2.6
"AvsP_is1" = AvsP
"BE37E547-62DF-43C8-AE6A-D03E82BC67A2_is1" = 0.9.4.9
"blekkotb" = Spam Free Search Bar
"Canon MP270 series Benutzerregistrierung" = Canon MP270 series Benutzerregistrierung
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CDex" = CDex - Open Source Digital Audio CD Extractor
"ContentaConverter-PREMIUM" = Contenta Converter PREMIUM
"DVD Flick_is1" = DVD Flick 1.3.0.7
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"DVDFab 8 Qt_is1" = DVDFab 8.1.7.8 (17/04/2012) Qt
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"ExpressBurn" = Express Burn CD DVD Blu-Ray Brenner
"Free Audio Converter_is1" = Free Audio Converter version 2.3.1.727
"Free Video Converter_is1" = Free Video Converter V 3.1
"Free YouTube Download_is1" = Free YouTube Download version 3.1.25.423
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319
"Google Chrome" = Google Chrome
"GUI for dvdauthor" = GUI for dvdauthor 1.07
"HaaliMkx" = Haali Media Splitter
"HelixYUVCodecs" = Helix YUV Codecs (remove only)
"Identity Card" = Identity Card
"ImgBurn" = ImgBurn
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"Kalenderchen_is1" = Kalenderchen V.2
"LManager" = Launch Manager
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MARKEMENT_DEFRAG_PRO_is1" = PCSUITE DEFRAG
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"Mozilla Thunderbird 13.0.1 (x86 de)" = Mozilla Thunderbird 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MP3MyMP3_is1" = MP3MyMP3 3.1
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PictureIt_v9" = Microsoft Picture It! Foto Premium 9
"Softonic" = Softonic toolbar on IE and Chrome
"Steinberg Cubase LE" = Steinberg Cubase LE
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.0.1
"Winamp" = Winamp
"Windows Searchqu Toolbar" = Windows Searchqu Toolbar
"WinLiveSuite" = Windows Live Essentials
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.06.2012 08:57:39 | Computer Name = rudolphnaomi-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\Users\rudolphnaomi\SoftonicDownloader_fuer_cdburnerxp-pro.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 11.06.2012 08:57:39 | Computer Name = rudolphnaomi-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\Users\rudolphnaomi\SoftonicDownloader_fuer_picture-converter.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 12.06.2012 08:10:05 | Computer Name = rudolphnaomi-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 12.06.2012 08:10:09 | Computer Name = rudolphnaomi-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\Users\rudolphnaomi\SoftonicDownloader_fuer_cdburnerxp-pro.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 12.06.2012 08:10:10 | Computer Name = rudolphnaomi-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\Users\rudolphnaomi\SoftonicDownloader_fuer_picture-converter.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 12.06.2012 22:20:25 | Computer Name = rudolphnaomi-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 12.06.2012 22:20:26 | Computer Name = rudolphnaomi-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\Users\rudolphnaomi\SoftonicDownloader_fuer_cdburnerxp-pro.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 12.06.2012 22:20:26 | Computer Name = rudolphnaomi-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\Users\rudolphnaomi\SoftonicDownloader_fuer_picture-converter.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 14.06.2012 19:06:39 | Computer Name = rudolphnaomi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DVD Shrink 3.2.exe, Version: 3.2.0.15,
Zeitstempel: 0x4103f8b5 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00033ab3 ID des fehlerhaften
Prozesses: 0x1538 Startzeit der fehlerhaften Anwendung: 0x01cd4a824d127b5f Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\DVD Shrink 3.2.exe Pfad des fehlerhaften
Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 986a2044-b675-11e1-96fe-b870f4732d90
Error - 14.06.2012 19:07:24 | Computer Name = rudolphnaomi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DVD Shrink 3.2.exe, Version: 3.2.0.15,
Zeitstempel: 0x4103f8b5 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00033792 ID des fehlerhaften
Prozesses: 0xcc0 Startzeit der fehlerhaften Anwendung: 0x01cd4a8266678874 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\DVD Shrink 3.2.exe Pfad des fehlerhaften
Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: b3191d1a-b675-11e1-96fe-b870f4732d90
Error - 14.06.2012 19:20:35 | Computer Name = rudolphnaomi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DVD Shrink 3.2 DE (DeCSS-frei).exe,
Version: 3.2.0.16, Zeitstempel: 0x4247bde4 Name des fehlerhaften Moduls: ntdll.dll,
Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset:
0x00033792 ID des fehlerhaften Prozesses: 0x1290 Startzeit der fehlerhaften Anwendung:
0x01cd4a842bd47bdc Pfad der fehlerhaften Anwendung: C:\Users\rudolphnaomi\DVD Shrink
DE\DVD Shrink 3.2 DE (DeCSS-frei).exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung:
8adc73eb-b677-11e1-b859-b870f4732d90
[ System Events ]
Error - 20.06.2012 03:20:32 | Computer Name = rudolphnaomi-PC | Source = Disk | ID = 262159
Description = Das Gerät \Device\Harddisk1\DR1 ist für den Zugriff noch nicht bereit.
Error - 20.06.2012 06:35:54 | Computer Name = rudolphnaomi-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?20.?06.?2012 um 12:26:46 unerwartet heruntergefahren.
Error - 21.06.2012 04:22:44 | Computer Name = rudolphnaomi-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 26.06.2012 17:22:19 | Computer Name = rudolphnaomi-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "DCService.exe" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 26.06.2012 17:22:19 | Computer Name = rudolphnaomi-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "PCSUITE DEFRAG SERVICE" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 26.06.2012 17:51:24 | Computer Name = rudolphnaomi-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 26.06.2012 17:57:23 | Computer Name = rudolphnaomi-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 26.06.2012 18:01:47 | Computer Name = rudolphnaomi-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 26.06.2012 18:02:47 | Computer Name = rudolphnaomi-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
Error - 26.06.2012 18:27:13 | Computer Name = rudolphnaomi-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
< End of report >
--- --- ---
Defogger - disable:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 02:08 on 27/06/2012 (rudolphnaomi)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=- |
