Ok, dann bin ich schon mal ein klitzekleines Bisschen beruhigt. Hier sind die Logfiles: OTL
OTL.txt
OTL Logfile: Code:
OTL logfile created on: 30.07.2012 09:10:57 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = c:\users\lisa\downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,46 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 34,62% Memory free
5,16 Gb Paging File | 2,53 Gb Available in Paging File | 48,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106,68 Gb Total Space | 16,44 Gb Free Space | 15,41% Space Free | Partition Type: NTFS
Computer Name: LISA-LAPTOP | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - c:\users\lisa\downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe (Adobe Systems, Inc.)
PRC - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\msftesql.exe (Microsoft Corporation)
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - c:\Programme\Windows Defender\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\Lenovo\Client Security Solution\tvtpwm_tray.exe (Lenovo Group Limited)
PRC - C:\Programme\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo)
PRC - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
PRC - C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo)
PRC - c:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\PM Driver\PMHandler.exe (Lenovo)
PRC - C:\Programme\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\FnF5svc.exe (Lenovo.)
PRC - C:\Programme\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\Lenovo\PM Driver\PMSveH.exe (Lenovo)
PRC - C:\Programme\Pure Networks\Network Magic\nmsrvc.exe (Pure Networks, Inc.)
PRC - C:\Programme\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe ()
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\System32\IPSSVC.EXE (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe ()
PRC - C:\Programme\Common Files\Lenovo\Logger\logmon.exe ()
PRC - C:\Programme\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe (Corel, Inc.)
PRC - C:\Programme\Lenovo Multimedia Center\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
PRC - C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
PRC - C:\Programme\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
PRC - C:\Windows\System32\PSIService.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe ()
========== Modules (No Company Name) ==========
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\OpenOffice.org 3\Basis\program\nsldap32v50.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\OpenOffice.org 3\Basis\program\libxmlsec.dll ()
MOD - C:\Programme\OpenOffice.org 3\Basis\program\libxslt.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\Common Files\Lenovo\CDRecord.dll ()
MOD - C:\Programme\Lenovo\NPDIRECT\tpfnf7.dll ()
MOD - C:\Programme\Lenovo\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Windows\System32\btwhidcs.dll ()
MOD - C:\Programme\Common Files\Lenovo\xml4cmessages5_5.dll ()
MOD - C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe ()
MOD - C:\Programme\Lenovo\HOTKEY\TpWAud32.dll ()
MOD - C:\Programme\Lenovo\PM Driver\PMHlerIO.dll ()
MOD - C:\Programme\Lenovo\Energy Management\HookLib.dll ()
========== Win32 Services (SafeList) ==========
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ) -- c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQL$CSSQL05) -- c:\Programme\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (msftesql$CSSQL05) -- c:\Programme\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\msftesql.exe (Microsoft Corporation)
SRV - (CVPND) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (ThinkVantage Registry Monitor Service) -- C:\Programme\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (AcSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
SRV - (AcPrfMgrSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo)
SRV - (SUService) -- c:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (FNF5SVC) -- C:\Programme\Lenovo\HOTKEY\FnF5svc.exe (Lenovo.)
SRV - (PMSveH) -- C:\Programme\Lenovo\PM Driver\PMSveH.exe (Lenovo)
SRV - (nmservice) -- C:\Programme\Pure Networks\Network Magic\nmsrvc.exe (Pure Networks, Inc.)
SRV - (nmraapache) -- C:\Programme\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks, Inc.)
SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe ()
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (IPSSVC) -- C:\Windows\System32\IPSSVC.EXE (Lenovo Group Limited)
SRV - (TVT Backup Protection Service) -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe ()
SRV - (Diskeeper) -- C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (AF15BDA) -- C:\Windows\System32\drivers\AF15BDA.sys (ITETech )
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (ACPIVPC) -- C:\Windows\System32\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV - (ATSWPDRV) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (TVTI2C) -- C:\Windows\System32\drivers\tvti2c.sys (Lenovo (United States) Inc.)
DRV - (psadd) -- C:\Windows\System32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (LPCFilter) -- C:\Windows\System32\drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (PROCDD) -- C:\Windows\System32\drivers\PROCDD.SYS (Lenovo Group Limited)
DRV - (lenovo.smi) -- C:\Windows\System32\drivers\smiif32.sys (Lenovo Group Limited)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{A23F6D6B-F1D9-4C73-A753-199A6493AB96}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=LENIE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de
IE - HKCU\..\SearchScopes\{A23F6D6B-F1D9-4C73-A753-199A6493AB96}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=LENIE
IE - HKCU\..\SearchScopes\{BE9654C9-9D79-42ec-B55A-3CAEB12DBF58}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..CT2319825.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Winload Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de&source=iglk"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=2&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@cambridgesoft.com/Chem3D,version=12.0: C:\Program Files\CambridgeSoft\ChemOffice2010\Chem3D\npChem3DPlugin.dll (CambridgeSoft Corp.)
FF - HKLM\Software\MozillaPlugins\@cambridgesoft.com/ChemDraw,version=12.0: C:\Program Files\CambridgeSoft\ChemOffice2010\ChemDraw\npcdp32.dll (CambridgeSoft Corp.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Lisa\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.28 17:45:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.29 18:08:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.29 18:07:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FCF36B88-1BBA-487f-B64B-D2E8980A9293}: C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension [2007.12.21 22:52:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.28 17:45:49 | 000,000,000 | ---D | M]
[2008.12.02 17:55:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Extensions
[2012.07.29 18:42:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\lm3rf4q0.default\extensions
[2012.05.19 16:51:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\lm3rf4q0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.01.07 15:38:48 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\lm3rf4q0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.07.29 18:09:25 | 000,000,907 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\conduit.xml
[2012.07.27 18:48:34 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-1.xml
[2010.07.25 11:41:21 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-10.xml
[2010.09.08 20:16:41 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-11.xml
[2010.09.18 13:04:13 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-12.xml
[2010.10.22 16:22:25 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-13.xml
[2010.10.28 19:52:20 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-14.xml
[2010.11.05 01:04:31 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-15.xml
[2011.03.02 18:54:37 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-16.xml
[2011.03.06 11:58:01 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-17.xml
[2011.03.25 18:53:02 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-18.xml
[2011.05.01 12:45:08 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-19.xml
[2009.08.05 23:47:31 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-2.xml
[2011.06.24 15:26:28 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-20.xml
[2011.08.17 19:28:00 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-21.xml
[2011.09.04 16:01:34 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-22.xml
[2011.09.08 11:14:07 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-23.xml
[2011.09.28 21:05:47 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-24.xml
[2011.11.10 20:18:01 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-25.xml
[2011.11.11 14:33:44 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-26.xml
[2009.09.11 22:44:31 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-3.xml
[2009.10.29 20:44:30 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-4.xml
[2009.12.23 14:44:22 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-5.xml
[2010.05.10 16:54:19 | 000,000,961 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-6.xml
[2010.06.24 08:29:16 | 000,000,961 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-7.xml
[2010.07.19 15:23:30 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-8.xml
[2010.07.21 11:55:14 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin-9.xml
[2010.06.21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\icqplugin.xml
[2012.07.03 17:26:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.07.20 18:28:25 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.07.03 17:26:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.07.29 18:08:33 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.29 18:06:51 | 000,378,880 | ---- | M] (InfiniAd GmbH) -- C:\Program Files\mozilla firefox\plugins\npmieze.dll
[2012.06.20 18:15:41 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.20 18:15:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.20 18:15:41 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.20 18:15:41 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.20 18:15:41 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.20 18:15:41 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
O4 - HKLM..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AwaySch] C:\Programme\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Programme\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [Energy Management] C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\Lenovo Multimedia Center\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LenovoOobeOffers] c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe (lenovo)
O4 - HKLM..\Run: [LPManager] C:\Programme\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [PMHandler] C:\Programme\Lenovo\PM Driver\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\Lenovo Multimedia Center\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPWAUDAP] C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-ROD7E.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - c:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Programme\WordPerfect Office X3\Programs\WPLauncher.hta ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E94AB7C-D065-48BB-8AA9-E96C342C73E4}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68D44842-5D93-45FC-A877-FBC6037F767F}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD93E412-5C96-4A37-B1C4-7575624F161A}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Programme\Common Files\Pure Networks Shared\puresp3.dll (Pure Networks, Inc.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{c5c72b2e-60da-11e0-9af5-002622dee270}\Shell - "" = AutoRun
O33 - MountPoints2\{c5c72b2e-60da-11e0-9af5-002622dee270}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.29 22:26:14 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\SUPERAntiSpyware.com
[2012.07.29 22:25:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.07.29 22:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.07.29 22:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.07.29 19:02:35 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Malwarebytes
[2012.07.29 19:02:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.29 19:02:14 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.29 19:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.29 19:02:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.29 18:09:45 | 000,000,000 | ---D | C] -- C:\strukedit
[2012.07.29 18:07:22 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\convert
[2012.07.29 18:07:01 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012.07.29 18:07:00 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\loadtbs
[2012.07.29 18:06:29 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Conduit
[2012.07.24 20:00:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.07.18 23:11:45 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Microsoft_Corporation
[2012.07.16 19:05:34 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.16 18:55:30 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.07.16 18:55:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.07.16 18:55:28 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.07.16 18:55:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.07.16 18:55:26 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.07.16 18:55:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.07.16 18:55:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.07.11 17:38:46 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.06 22:39:10 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Mestrelab Research S.L
[2012.07.06 22:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Mestrelab Research S.L
[2012.07.05 22:50:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChemBioOffice 2010
[2012.07.03 17:26:46 | 000,476,936 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2012.07.03 17:26:45 | 000,157,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.07.03 17:26:45 | 000,149,256 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.07.03 17:26:45 | 000,149,256 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
========== Files - Modified Within 30 Days ==========
[2012.07.30 09:09:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.30 09:07:39 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.30 09:07:29 | 000,000,252 | ---- | M] () -- C:\Windows\tasks\Auf Updates für Windows Live Toolbar prüfen.job
[2012.07.30 09:06:59 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task c96785d5-88a1-4ebd-bb76-47fac7bcda72.job
[2012.07.30 09:06:59 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 8a5fd97d-0514-4cc7-9920-035b92edc251.job
[2012.07.30 09:06:58 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.30 09:06:45 | 000,005,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.30 09:06:44 | 000,005,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.30 09:06:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.29 22:25:41 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.07.29 22:19:04 | 000,711,240 | ---- | M] () -- C:\Windows\is-ROD7E.exe
[2012.07.29 22:19:04 | 000,012,842 | ---- | M] () -- C:\Windows\is-ROD7E.msg
[2012.07.29 22:19:04 | 000,000,422 | ---- | M] () -- C:\Windows\is-ROD7E.lst
[2012.07.29 21:39:35 | 000,025,269 | ---- | M] () -- C:\Windows\System32\PROCDB.INI
[2012.07.29 21:38:42 | 000,000,380 | ---- | M] () -- C:\Windows\System32\IPSCtrl.INI
[2012.07.29 21:38:19 | 2643,013,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.29 21:36:59 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.07.29 18:08:23 | 000,000,009 | ---- | M] () -- C:\END
[2012.07.29 17:53:13 | 000,773,924 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.29 17:53:13 | 000,724,544 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.29 17:53:13 | 000,181,102 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.29 17:53:13 | 000,149,196 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.27 18:50:42 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.07.27 18:50:42 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.24 13:06:34 | 000,050,435 | ---- | M] () -- C:\Users\Lisa\Desktop\Polymerprobe_Puschel.dpt
[2012.07.24 13:05:40 | 000,050,435 | ---- | M] () -- C:\Users\Lisa\Desktop\Citronensäure_Isolierung.dpt
[2012.07.17 19:50:48 | 000,412,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.16 19:26:59 | 000,094,817 | ---- | M] () -- C:\Users\Lisa\Desktop\MELT! Dicki.jpg
[2012.07.11 03:56:38 | 000,567,107 | ---- | M] () -- C:\Users\Lisa\Desktop\Protokoll Pflegecreme.odt
[2012.07.05 22:40:11 | 000,002,828 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2012.07.05 22:40:11 | 000,000,088 | RHS- | M] () -- C:\Windows\System32\4C22E387DE.sys
[2012.07.03 17:26:33 | 000,476,936 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2012.07.03 17:26:33 | 000,472,840 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.07.03 17:26:33 | 000,157,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.07.03 17:26:33 | 000,149,256 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.07.03 17:26:33 | 000,149,256 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
========== Files Created - No Company Name ==========
[2012.07.29 22:26:33 | 000,000,508 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 8a5fd97d-0514-4cc7-9920-035b92edc251.job
[2012.07.29 22:26:31 | 000,000,508 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task c96785d5-88a1-4ebd-bb76-47fac7bcda72.job
[2012.07.29 22:25:41 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.07.29 22:19:04 | 000,711,240 | ---- | C] () -- C:\Windows\is-ROD7E.exe
[2012.07.29 22:19:04 | 000,012,842 | ---- | C] () -- C:\Windows\is-ROD7E.msg
[2012.07.29 22:19:04 | 000,000,422 | ---- | C] () -- C:\Windows\is-ROD7E.lst
[2012.07.29 18:08:22 | 000,000,009 | ---- | C] () -- C:\END
[2012.07.29 17:49:32 | 000,050,435 | ---- | C] () -- C:\Users\Lisa\Desktop\Polymerprobe_Puschel.dpt
[2012.07.29 17:49:29 | 000,050,435 | ---- | C] () -- C:\Users\Lisa\Desktop\Citronensäure_Isolierung.dpt
[2012.07.16 19:26:37 | 000,094,817 | ---- | C] () -- C:\Users\Lisa\Desktop\MELT! Dicki.jpg
[2012.07.05 22:40:10 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\4C22E387DE.sys
[2012.07.03 20:36:12 | 000,567,107 | ---- | C] () -- C:\Users\Lisa\Desktop\Protokoll Pflegecreme.odt
[2011.12.28 17:31:24 | 000,241,086 | ---- | C] () -- C:\Windows\hpwins28.dat
[2010.08.25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.08.25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.08.25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.08.25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2010.08.25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010.08.25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010.08.25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2008.06.28 17:55:22 | 000,032,768 | ---- | C] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.28 15:05:21 | 000,002,708 | ---- | C] () -- C:\Users\Lisa\AppData\Local\d3d9caps.dat
[2007.12.21 22:24:04 | 001,398,352 | ---- | C] () -- C:\ProgramData\pswi_preloaded.exe
========== Files - Unicode (All) ==========
[2011.04.07 12:24:25 | 003,977,676 | ---- | C] ()(C:\Users\Lisa\Desktop\?Matissek, Lebensmittelanalytik 3.A.pdf) -- C:\Users\Lisa\Desktop\Matissek, Lebensmittelanalytik 3.A.pdf
[2009.11.02 10:35:48 | 003,977,676 | ---- | M] ()(C:\Users\Lisa\Desktop\?Matissek, Lebensmittelanalytik 3.A.pdf) -- C:\Users\Lisa\Desktop\Matissek, Lebensmittelanalytik 3.A.pdf
< End of report >
--- --- ---
Extras.txt
OTL Logfile: Code:
OTL Extras logfile created on: 30.07.2012 09:10:57 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = c:\users\lisa\downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,46 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 34,62% Memory free
5,16 Gb Paging File | 2,53 Gb Available in Paging File | 48,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106,68 Gb Total Space | 16,44 Gb Free Space | 15,41% Space Free | Partition Type: NTFS
Computer Name: LISA-LAPTOP | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12C05DE2-4ACD-4026-ABE1-198B33657A3D}" = lport=138 | protocol=17 | dir=in | app=system |
"{27F20E50-E58E-499E-98DC-2B1D3A399E87}" = lport=67 | protocol=17 | dir=in | name=dhcp-discovery-dienst |
"{30FD9F26-D01B-42FF-9239-67D18D0F913B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{5D1EE0E4-CC03-46B3-A579-2E6EE5B3F5CB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{63E99020-FDD0-4773-ADA6-4B8956563B08}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{866B7EF2-F992-4147-B5E3-AD1E54DF1D7C}" = rport=138 | protocol=17 | dir=out | app=system |
"{A368107E-C08B-4D42-884F-40BAD6F3403B}" = lport=445 | protocol=6 | dir=in | app=system |
"{B1A79E2B-277B-48D0-AE24-77B3611D3321}" = rport=139 | protocol=6 | dir=out | app=system |
"{C082F9A3-6DAA-427E-AF0C-2A2B272114DE}" = lport=137 | protocol=17 | dir=in | app=system |
"{C518D87D-A263-4974-9CF7-9CECE4018D8D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{D897AE9E-CC91-4FBF-B692-4DE4274BF366}" = lport=139 | protocol=6 | dir=in | app=system |
"{DF5ADEC6-87B0-4919-82F5-FA0E050AA41C}" = lport=67 | protocol=17 | dir=in | name=dhcp-discovery-dienst |
"{F129444B-7D9B-4488-A12F-140E2BF418C8}" = rport=445 | protocol=6 | dir=out | app=system |
"{F1CB3D7D-05DF-4E0C-A3D2-1CBF16DCA8B8}" = rport=137 | protocol=17 | dir=out | app=system |
"{FC9C8EDA-455F-47AE-B538-F288B4E69BF1}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07D68702-D0D8-415D-972A-E92639FB6F02}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0809777A-F181-4521-BA38-CD487DE22305}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe |
"{0A4C5853-053E-44BD-9BB4-CF4CB98A1131}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0D63A987-0E6C-4EF9-B5F3-DE76946DF633}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{1CE4AAC5-CFF1-4158-9A51-C0BFA5F8E484}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{2D28C3F7-5A75-4929-867D-F49E5259436E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{310BBF95-7316-409B-B3E4-D3871AA89D06}" = protocol=17 | dir=in | app=c:\program files\pure networks\network magic\nmsrvc.exe |
"{32575FD3-09E4-4DB2-834D-F930869D13EA}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{335FAA58-B838-43BB-B6E8-CA3D5A8C80AE}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{37D67D9F-4E8D-4875-99D6-4BFBD5C4D1A9}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{3BF9F641-CF40-4AED-9820-EDD40737FE8D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{3C9E1553-28F9-4141-9097-12346BB64831}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{3EF2AF92-6AE9-4A43-9005-58EC31801FE5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{4451BE65-5D20-4CA6-B002-546DF568C5A0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{4642D373-D050-4FC8-BF5A-B168259F1E33}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{50AE57FB-AB35-4A09-A2A8-69E622BDE15B}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{52C7673A-D305-4E11-B92F-055DE4AC2688}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{560097DD-234E-4E46-BA2A-10DC7B319EF6}" = protocol=6 | dir=in | app=c:\program files\pure networks\network magic\nmsrvc.exe |
"{567DE383-A3E4-430A-A924-8F9BAEDFBDD7}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe |
"{5EB67146-DE8B-4312-B640-8CFB41008B37}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{63AE7191-D390-4D8E-A321-C0E5ED935B7E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{7196F247-F1ED-42E2-91CE-351C752F8715}" = dir=in | app=d:\setup\hpznui01.exe |
"{74CBEDDE-235B-46DC-907E-2E7D34AF35C3}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{78D62D76-9D1B-48AC-BDDD-A768EDF3E149}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{7A206087-67A5-4567-8BBB-03C346FA867C}" = dir=in | app=c:\program files\lenovo multimedia center\powerdirector express\pdx.exe |
"{7A91B18D-62C6-4155-8DB7-A2F140A90CAE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7B573573-496E-473B-A61E-9D684C3BEAC1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{807A85E4-550C-4ABE-B72D-0EFE5BF9E7A0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{828D8258-F244-412A-B76B-0155CD720706}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{9156C4D1-735B-4561-B082-BD0653A15804}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{941F9D13-52F6-4EED-B649-EE8FD4A12289}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{99DA3884-7B21-4D23-A15A-BD700EF62E9F}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe |
"{9F8ACADD-BB96-4180-BD75-4343D06B18DE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{AD000267-4901-4870-86EA-DE5C752AAE64}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{B00F194C-A8F3-49A6-B8A2-1FC9AF19347A}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{B369EB67-9CC7-4055-BBFD-63FB20BB0AC7}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{BB1B9F6C-48D7-4A69-B71E-47551A2E3D25}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BED75BE0-1CF3-484F-904D-6FBBE9BEBA17}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CFC2DA77-004B-41D9-811B-D3FFABD61961}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DC33D3FA-556C-469F-A192-1F54E890BE9E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{DE9A4C45-EC5D-486C-9F88-B4E3735782A8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{E13F14CC-9B69-41F5-AC29-3EA830C3599A}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{E4707A24-7471-4A7E-974A-13856E4DEDCC}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe |
"{E50F0DC5-89F6-4D8D-92EC-6F9CC780CA8A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E625D11E-3646-4222-AF1E-D7BB2960EE3E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E6903141-4BF7-42E1-8304-5DF7A5D03AA3}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{F15C27EE-00FE-43C2-AB1F-D330AED5106C}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{F631389B-F326-4753-88BF-419B89594C68}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{F8225004-9DF9-4597-BEC1-D7B37E9B2217}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{FA6AC139-35CF-473E-A6B9-81B3151A7DC9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{FFA9BEBC-1DD7-4CE9-8D0F-954BFD6C5D05}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"TCP Query User{0E969BBA-3A6C-47AF-923D-A7CF2F03B307}C:\program files\cambridgesoft\chemoffice2010\chem3d\chem3d.exe" = protocol=6 | dir=in | app=c:\program files\cambridgesoft\chemoffice2010\chem3d\chem3d.exe |
"TCP Query User{11BE3157-3C59-4621-8FB7-7DEA6F4719B9}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"TCP Query User{170583B0-CE7A-4888-A015-1B36DBD9D567}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{19A9652B-2990-42DE-A9FC-D64B68995BF0}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{22839551-4198-4920-A43D-E08E37325CC0}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{4AE69B1B-A45E-4981-B700-9BEA52205816}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{55765854-9C88-40D0-9295-DB77B89B3C42}C:\program files\cambridgesoft\chemoffice2010\chemdraw\chemdraw.exe" = protocol=6 | dir=in | app=c:\program files\cambridgesoft\chemoffice2010\chemdraw\chemdraw.exe |
"TCP Query User{6AAA57A7-5BC2-4B5D-AF45-AB3C2AAB4C18}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{83EBD493-9CCC-4449-9C4C-39C06BB69315}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{B7913997-7AD1-42EC-A84A-F4B167F4BCE0}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{C6F9899D-7623-4CC7-A2B4-91137CD8F488}C:\program files\microsoft office\office12\excel.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\excel.exe |
"TCP Query User{D3583092-B85A-45DD-A33C-0145A2FA1409}C:\program files\cambridgesoft\chemoffice2010\chemdraw\chemdraw.exe" = protocol=6 | dir=in | app=c:\program files\cambridgesoft\chemoffice2010\chemdraw\chemdraw.exe |
"TCP Query User{E47D57A9-E5E9-462F-94AF-519E27C7B55C}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"TCP Query User{F9D70EB9-A50E-4045-B427-3009A8F0C369}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{1C06F7A6-EBE4-4E80-9706-DF66311F9C6D}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{2BC329B5-4BEE-4AC8-84CC-5E08545CF8AC}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{2CA237D0-0709-4680-BFC7-9A9519324FE5}C:\program files\microsoft office\office12\excel.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\excel.exe |
"UDP Query User{5F5D74CE-CE25-40E9-85DD-981D8B1AD2EE}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{6FCC72A1-47BB-444A-80BF-C8F2245D5843}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{78DF51C2-0BCC-4C6B-86F2-6B79FAF9B6E2}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"UDP Query User{828E40B2-B582-468E-A17A-552C9883F17D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{8945B3CB-987C-4A63-BB16-C0EB03A1AEF9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9153AE0E-D3CA-45A7-A781-14FFAD6C10B8}C:\program files\cambridgesoft\chemoffice2010\chemdraw\chemdraw.exe" = protocol=17 | dir=in | app=c:\program files\cambridgesoft\chemoffice2010\chemdraw\chemdraw.exe |
"UDP Query User{B3185CF9-AA16-45EA-B10E-52F0BFDDB65D}C:\program files\cambridgesoft\chemoffice2010\chem3d\chem3d.exe" = protocol=17 | dir=in | app=c:\program files\cambridgesoft\chemoffice2010\chem3d\chem3d.exe |
"UDP Query User{D2843AD6-107D-412B-BF46-CBCF4BD6BF40}C:\program files\cambridgesoft\chemoffice2010\chemdraw\chemdraw.exe" = protocol=17 | dir=in | app=c:\program files\cambridgesoft\chemoffice2010\chemdraw\chemdraw.exe |
"UDP Query User{D317C7E0-F219-4621-80CB-0C58E7F5999B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{DF9AEEC3-4B9F-4029-A350-C7A363E6392E}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{E03A49DC-D2A7-4EB6-8BC0-964552EFF4AA}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = Lenovo Bluetooth with Enhanced Data Rate Software 6.0.1.4900
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F4EFCE8-E358-4430-A504-F55F32BA1816}" = Client Security Solution
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{10DDCDDD-9A59-4496-9371-C17F1668D433}" = Windows Live Toolbar
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Lenovo Multimedia Center
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{48DEAAF2-8276-4BBD-B7B6-91E454938476}" = CambridgeSoft ChemDraw Ultra 12.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{58D379F7-62BC-4748-8237-FE071ECE797C}" = Microsoft SQL Server 2005 Tools
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.33
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz
"{62715632-A555-4D9E-9CEC-4F84EB55B07B}" = PM Driver
"{6280149E-EFF3-4F1B-BD43-5B7EDD6F620A}" = Ergänzung zu Lenovo Care
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Präsentationsdirektor
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{796E076A-82F7-4D49-98C8-DEC0C3BC733A}" = Diskeeper Home
"{79D56DFD-D28E-4289-BED2-32A6342A305B}" = Corel Business Center
"{7ADE3A47-B425-45E9-8FF6-11BE2B775645}" = Corel Snapfire Plus
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z
"{7E4C16B8-8F76-4940-8505-98E93C00BF19}" = Rescue and Recovery
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{800C6CC9-8EEB-4A6A-ABD4-C05EAE279606}" = Network Magic
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A52A504E-18BE-4821-9A2A-BFB4542DA0BD}" = Lenovo PM Driver
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A912021A-FEDD-4DA3-8DB4-245EBDA84778}" = OriginPro 8G
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}" = Cisco Systems VPN Client 5.0.07.0290
"{B0F9497C-52B4-4686-8E73-74D866BBDF59}" = Microsoft SQL Server 2005 (CSSQL05)
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1F625EB-9691-4889-A864-DA085739F3F0}" = Power Ux Customization
"{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B93BC257-3F73-47B1-B68D-597C6878C8E7}" = CambridgeSoft ChemBioDraw Ultra 12.0
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF52099A-3BEA-4C41-AEA8-1E190F04D737}" = Lenovo Care
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E55E016B-8254-4A3F-ACEB-FE9988CD880F}" = Origin8
"{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}" = CambridgeSoft Activation Client
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{EC422FB2-9F4D-4FB1-A5CE-5F741132EBC5}" = Lenovo Fingerprint Software
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F596E368-2A1D-4896-AB37-C81BFA4DD011}" = CambridgeSoft ENotebook 12.0.1
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira Free Antivirus
"AwayTask" = Maintenance Manager
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"Cinergy T Stick MKII" = Cinergy T Stick MKII V9.06.3.01
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{62715632-A555-4D9E-9CEC-4F84EB55B07B}" = PM Driver
"Lenovo Registration" = Lenovo Registration
"LENOVO.SMIIF" = Lenovo System Interface Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OnScreenDisplay" = Anzeige am Bildschirm
"PC-Doctor 5 for Windows" = PC-Doctor 5 für Windows
"Picasa2" = Picasa 2
"PROHYBRIDR" = 2007 Microsoft Office system
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.1 for Windows
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"USBPMon" = Registry patch for Windows Vista USB S3 PM Enablement
"Windows Live Toolbar" = Windows Live Toolbar
"WinRAR archiver" = WinRAR
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
"Titan Poker" = Titan Poker
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.07.2012 03:06:11 | Computer Name = Lisa-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 30.07.2012 03:06:11 | Computer Name = Lisa-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 29482177
Error - 30.07.2012 03:06:11 | Computer Name = Lisa-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 29482177
Error - 30.07.2012 03:06:17 | Computer Name = Lisa-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 30.07.2012 03:06:17 | Computer Name = Lisa-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 29488589
Error - 30.07.2012 03:06:17 | Computer Name = Lisa-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 29488589
Error - 30.07.2012 03:06:19 | Computer Name = Lisa-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 30.07.2012 03:06:19 | Computer Name = Lisa-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 29489868
Error - 30.07.2012 03:06:19 | Computer Name = Lisa-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 29489868
Error - 30.07.2012 03:07:01 | Computer Name = Lisa-Laptop | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung utility.exe, Version 3.1.5.7, Zeitstempel 0x487d9320,
fehlerhaftes Modul utility.exe, Version 3.1.5.7, Zeitstempel 0x487d9320, Ausnahmecode
0xc0000005, Fehleroffset 0x0000fc22, Prozess-ID 0x10dc, Anwendungsstartzeit 01cd6e21d0bbb8c0.
[ OSession Events ]
Error - 20.07.2009 09:21:04 | Computer Name = Lisa-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7122
seconds with 0 seconds of active time. This session ended with a crash.
Error - 15.07.2010 06:14:02 | Computer Name = Lisa-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 98
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 29.07.2012 12:28:25 | Computer Name = Lisa-Laptop | Source = Service Control Manager | ID = 7011
Description =
Error - 29.07.2012 15:39:07 | Computer Name = Lisa-Laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 29.07.2012 15:39:07 | Computer Name = Lisa-Laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 29.07.2012 15:39:07 | Computer Name = Lisa-Laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 29.07.2012 15:39:07 | Computer Name = Lisa-Laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 29.07.2012 15:43:02 | Computer Name = Lisa-Laptop | Source = Service Control Manager | ID = 7011
Description =
Error - 29.07.2012 15:43:31 | Computer Name = Lisa-Laptop | Source = Service Control Manager | ID = 7011
Description =
Error - 29.07.2012 15:44:48 | Computer Name = Lisa-Laptop | Source = Service Control Manager | ID = 7011
Description =
Error - 29.07.2012 15:45:32 | Computer Name = Lisa-Laptop | Source = Service Control Manager | ID = 7011
Description =
Error - 30.07.2012 03:08:09 | Computer Name = Lisa-Laptop | Source = DCOM | ID = 10010
Description =
< End of report >
--- --- --- AdwCleaner Code:
# AdwCleaner v1.703 - Logfile created 07/30/2012 at 09:46:28
# Updated 20/07/2012 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Lisa - LISA-LAPTOP
# Running from : C:\Users\Lisa\Downloads\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\Users\Lisa\AppData\Local\Conduit
Folder Found : C:\Users\Lisa\AppData\Local\TempDir
Folder Found : C:\Users\Lisa\AppData\LocalLow\Conduit
Folder Found : C:\Users\Lisa\AppData\Roaming\loadtbs
Folder Found : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\Smartbar
Folder Found : C:\Program Files\Conduit
File Found : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\searchplugins\Conduit.xml
***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKLM\SOFTWARE\Conduit
***** [Registre - GUID] *****
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825
-\\ Mozilla Firefox v14.0.1 (de)
Profile name : default
File : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\lm3rf4q0.default\prefs.js
Found : user_pref("CT2319825.1000082.isPlayDisplay", "true");
Found : user_pref("CT2319825.1000082.state", "{\"state\":\"stopped\",\"text\":\"1Live\",\"description\":\"1L[...]
Found : user_pref("CT2319825.1000234.TWC_TMP_city", "BERLIN");
Found : user_pref("CT2319825.1000234.TWC_TMP_country", "DE");
Found : user_pref("CT2319825.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2319825.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT2319825.FirstTime", "true");
Found : user_pref("CT2319825.FirstTimeFF3", "true");
Found : user_pref("CT2319825.ID", "47871746");
Found : user_pref("CT2319825.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT231[...]
Found : user_pref("CT2319825.UserID", "UN19579818090523649");
Found : user_pref("CT2319825.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT2319825.autoDisableScopes", -1);
Found : user_pref("CT2319825.browser.search.defaultthis.engineName", true);
Found : user_pref("CT2319825.defaultSearch", "true");
Found : user_pref("CT2319825.embeddedsData", "[{\"appId\":\"128898076802619666\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT2319825.enableAlerts", "always");
Found : user_pref("CT2319825.enableSearchFromAddressBar", "true");
Found : user_pref("CT2319825.firstTimeDialogOpened", "true");
Found : user_pref("CT2319825.fixPageNotFoundError", "true");
Found : user_pref("CT2319825.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT2319825.fixUrls", true);
Found : user_pref("CT2319825.installId", "ConduitNSISIntegration");
Found : user_pref("CT2319825.installType", "ConduitNSISIntegration");
Found : user_pref("CT2319825.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2319825.isNewTabEnabled", true);
Found : user_pref("CT2319825.isPerformedSmartBarTransition", "true");
Found : user_pref("CT2319825.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT2319825.keyword", true);
Found : user_pref("CT2319825.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\" \",\"EB_MAIN_FRAME_URL\":\"hxxp[...]
Found : user_pref("CT2319825.openThankYouPage", "false");
Found : user_pref("CT2319825.openUninstallPage", "true");
Found : user_pref("CT2319825.search.searchAppId", "128898076802619666");
Found : user_pref("CT2319825.search.searchCount", "0");
Found : user_pref("CT2319825.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT2319825.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2319825.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT2319825.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT2319825.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Found : user_pref("CT2319825.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1343578164045");
Found : user_pref("CT2319825.serviceLayer_services_appTracking_lastUpdate", "1343578167951");
Found : user_pref("CT2319825.serviceLayer_services_appsMetadata_lastUpdate", "1343578164025");
Found : user_pref("CT2319825.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1343578167185");
Found : user_pref("CT2319825.serviceLayer_services_login_10.10.20.14_lastUpdate", "1343578167781");
Found : user_pref("CT2319825.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1343578165188");
Found : user_pref("CT2319825.serviceLayer_services_searchAPI_lastUpdate", "1343578158137");
Found : user_pref("CT2319825.serviceLayer_services_serviceMap_lastUpdate", "1343578155004");
Found : user_pref("CT2319825.serviceLayer_services_toolbarContextMenu_lastUpdate", "1343578167122");
Found : user_pref("CT2319825.serviceLayer_services_toolbarSettings_lastUpdate", "1343578158010");
Found : user_pref("CT2319825.serviceLayer_services_translation_lastUpdate", "1343578164032");
Found : user_pref("CT2319825.settingsINI", true);
Found : user_pref("CT2319825.shouldFirstTimeDialog", "false");
Found : user_pref("CT2319825.smartbar.CTID", "CT2319825");
Found : user_pref("CT2319825.smartbar.Uninstall", "0");
Found : user_pref("CT2319825.smartbar.homepage", true);
Found : user_pref("CT2319825.smartbar.toolbarName", "Winload ");
Found : user_pref("CT2319825.startPage", "userChanged");
Found : user_pref("CT2319825.toolbarBornServerTime", "29-7-2012");
Found : user_pref("CT2319825.toolbarCurrentServerTime", "29-7-2012");
Found : user_pref("Smartbar.ConduitHomepagesList", "");
Found : user_pref("Smartbar.ConduitSearchEngineList", "Winload Customized Web Search");
Found : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825[...]
Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT2319825");
Found : user_pref("browser.search.selectedEngine", "Winload Customized Web Search");
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=2&q=[...]
*************************
AdwCleaner[R1].txt - [7541 octets] - [30/07/2012 09:46:28]
########## EOF - C:\AdwCleaner[R1].txt - [7669 octets] ##########
|
