OTL Logfile: Code:
OTL logfile created on: 10.08.2012 19:03:03 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Janina\Downloads
Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000807 | Country: Switzerland | Language: DES | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 77.42% Memory free
4.23 Gb Paging File | 3.95 Gb Available in Paging File | 93.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 128.66 Gb Total Space | 6.17 Gb Free Space | 4.80% Space Free | Partition Type: NTFS
Drive D: | 13.93 Gb Total Space | 11.08 Gb Free Space | 79.55% Space Free | Partition Type: NTFS
Drive F: | 3.80 Gb Total Space | 1.14 Gb Free Space | 30.11% Space Free | Partition Type: FAT32
Computer Name: JANINA-PC | User Name: Janina | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.08.10 19:01:13 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Janina\Downloads\OTL.exe
PRC - [2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV - [2011.10.21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.08.03 21:31:27 | 000,468,432 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2011.06.28 16:21:23 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.03.28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.08.24 13:47:07 | 000,378,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009.05.15 23:29:38 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008.01.11 16:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007.11.18 19:46:01 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.26 23:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007.04.09 02:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Stopped] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2007.03.31 07:15:38 | 000,202,288 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2007.03.31 07:15:32 | 000,091,696 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2007.03.16 14:26:22 | 000,057,344 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
SRV - [2007.03.15 00:42:48 | 000,321,088 | ---- | M] (Pure Networks, Inc.) [Auto | Stopped] -- C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe -- (nmservice)
SRV - [2007.03.15 00:42:22 | 000,012,800 | ---- | M] (Pure Networks, Inc.) [On_Demand | Stopped] -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe -- (nmraapache)
SRV - [2007.03.02 06:07:28 | 000,055,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2007.02.12 22:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007.01.30 04:01:26 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Windows\System32\IPSSVC.EXE -- (IPSSVC)
SRV - [2007.01.09 05:03:26 | 000,569,344 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2007.01.04 22:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006.11.16 01:20:46 | 000,634,988 | ---- | M] (Diskeeper Corporation) [Auto | Stopped] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2006.10.05 04:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2005.01.31 08:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011.08.03 21:22:47 | 000,023,464 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2011.08.03 21:22:22 | 000,046,480 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acsmux.sys -- (acsmux)
DRV - [2011.08.03 21:22:22 | 000,036,624 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acsint.sys -- (acsint)
DRV - [2011.06.28 16:21:25 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 16:21:25 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.06.17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.13 19:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.01.30 15:12:00 | 007,544,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.04.29 22:45:18 | 002,219,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007.04.11 00:55:28 | 000,140,808 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV)
DRV - [2007.03.22 12:57:14 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\elagopro.sys -- (elagopro)
DRV - [2007.03.22 12:57:14 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2007.03.22 07:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.02.24 23:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.02.19 06:56:46 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2007.01.24 01:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.01.09 01:25:53 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006.11.09 23:34:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2006.11.08 08:29:44 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.06 09:23:24 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006.09.13 21:42:44 | 000,035,264 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2006.08.30 11:04:04 | 000,013,744 | ---- | M] (Lenovo Group Limited) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2005.02.23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=tb50trie7
IE - HKLM\..\SearchScopes\{96FE14A2-BDA4-4277-8FCA-8440E4B7CDA0}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=LENIE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/3000notebook [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/3000notebook [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=tb50trie7
IE - HKCU\..\SearchScopes\{96FE14A2-BDA4-4277-8FCA-8440E4B7CDA0}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=LENIE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.facebook.com"
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc;version=0.8.6h: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.11 19:52:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.11 19:52:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FCF36B88-1BBA-487f-B64B-D2E8980A9293}: C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension [2007.11.18 21:00:46 | 000,000,000 | ---D | M]
[2009.03.11 10:00:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janina\AppData\Roaming\Mozilla\Extensions
[2009.03.11 10:00:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janina\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2012.07.01 17:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janina\AppData\Roaming\Mozilla\Firefox\Profiles\dalihnkh.default\extensions
[2011.05.04 05:37:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Janina\AppData\Roaming\Mozilla\Firefox\Profiles\dalihnkh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.02.19 16:07:12 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Janina\AppData\Roaming\Mozilla\Firefox\Profiles\dalihnkh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.06.21 15:15:03 | 000,004,207 | ---- | M] () -- C:\Users\Janina\AppData\Roaming\Mozilla\Firefox\Profiles\dalihnkh.default\searchplugins\aim-search.xml
[2011.12.09 13:19:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.05.06 05:47:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.05.06 05:47:51 | 000,000,000 | ---D | M] (GMX Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\toolbar@gmx.net
[2012.02.19 17:35:38 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.04.16 18:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2012.02.18 13:04:01 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.18 13:04:01 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.18 13:04:01 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.18 13:04:01 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.18 13:04:01 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.18 13:04:01 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O4 - HKLM..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
O4 - HKLM..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\Lenovo Multimedia Center\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LenovoOobeOffers] c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe (Lenovo)
O4 - HKLM..\Run: [LPManager] C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PMHandler] C:\Program Files\Lenovo\PM Driver\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\Lenovo Multimedia Center\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe ()
O4 - HKLM..\Run: [Ulead Quick-Drop] C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 5 Plus\Ulead MovieFactory 5\Quick-Drop.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL LLC)
O4 - HKCU..\Run: [EasyLinkAdvisor] C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
O4 - HKCU..\Run: [pcuaunllhsucoco] C:\ProgramData\pcuaunll.exe ()
O4 - Startup: C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2 ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Janina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A7643DF-9055-4C7E-9D16-18DDDB4948E5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A86CDC84-C704-4AC4-9615-F4822329FA54}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp3.dll (Pure Networks, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Janina\Downloads\shine.jpg
O24 - Desktop BackupWallPaper: C:\Users\Janina\Downloads\shine.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0b8e678d-53bf-11df-8692-d76322924237}\Shell\AutoRun\command - "" = setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {59C03CC8-3C17-3EF4-2ECB-1CD4E649E064} - Microsoft Windows Media Player
ActiveX: {5A604D2C-E968-429B-8327-62B5CE52126D} - .NET Framework
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
========== Files/Folders - Created Within 30 Days ==========
[2012.08.10 11:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\apkiiyrrhpbjbsn
========== Files - Modified Within 30 Days ==========
[2012.08.10 18:56:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.10 18:25:58 | 000,730,058 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012.08.10 18:25:58 | 000,722,222 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2012.08.10 18:25:58 | 000,691,562 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.10 18:25:58 | 000,659,754 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.10 18:25:58 | 000,135,358 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012.08.10 18:25:58 | 000,135,238 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.10 18:25:58 | 000,132,618 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2012.08.10 18:25:58 | 000,122,290 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.10 18:22:56 | 000,126,876 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.08.10 18:18:57 | 000,025,269 | ---- | M] () -- C:\Windows\System32\PROCDB.INI
[2012.08.10 18:18:20 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.10 18:18:20 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.10 18:06:04 | 000,126,876 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.08.10 11:39:18 | 000,000,051 | ---- | M] () -- C:\ProgramData\vlslhfpchcecmtj
[2012.08.10 11:39:07 | 000,061,440 | ---- | M] () -- C:\ProgramData\pcuaunll.exe
[2012.08.10 11:39:07 | 000,061,440 | ---- | M] () -- C:\Users\Janina\ms.exe
[2012.08.09 19:10:10 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
[2012.08.08 20:00:52 | 237,370,600 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.08.07 17:49:59 | 000,006,944 | ---- | M] () -- C:\Users\Janina\AppData\Local\d3d9caps.dat
[2012.07.23 15:56:05 | 000,000,836 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.07.20 16:03:24 | 000,002,631 | ---- | M] () -- C:\Users\Janina\Desktop\Microsoft Office Word 2007.lnk
========== Files Created - No Company Name ==========
[2012.08.10 11:39:18 | 000,061,440 | ---- | C] () -- C:\ProgramData\pcuaunll.exe
[2012.08.10 11:39:12 | 000,000,051 | ---- | C] () -- C:\ProgramData\vlslhfpchcecmtj
[2012.08.10 11:39:07 | 000,061,440 | ---- | C] () -- C:\Users\Janina\ms.exe
[2010.10.19 22:23:42 | 000,006,944 | ---- | C] () -- C:\Users\Janina\AppData\Local\d3d9caps.dat
[2009.10.21 12:14:12 | 000,000,241 | ---- | C] () -- C:\Users\Janina\IfolorJavaUpload.data
[2009.06.12 22:48:47 | 000,126,876 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.06.12 22:48:47 | 000,126,876 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.10.28 18:11:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.05.31 18:21:47 | 000,013,072 | ---- | C] () -- C:\Users\Janina\AppData\Roaming\nvModes.001
[2008.05.31 18:21:46 | 000,013,072 | ---- | C] () -- C:\Users\Janina\AppData\Roaming\nvModes.dat
[2008.05.31 17:59:43 | 000,014,848 | ---- | C] () -- C:\Users\Janina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== LOP Check ==========
[2009.03.09 11:48:02 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\acccore
[2008.07.21 13:53:10 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\BSplayer PRO
[2010.06.20 12:27:28 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\Chilirec
[2011.09.21 06:49:11 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\DVDVideoSoft
[2011.02.19 16:07:10 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.01 17:02:52 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\Information Factory
[2008.07.21 08:56:03 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\IrfanView
[2008.07.19 21:55:48 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\Leadertech
[2008.06.01 16:09:02 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\Lenovo
[2009.04.14 05:32:08 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\LimeWire
[2008.07.26 15:35:24 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\Panasonic
[2008.07.27 11:27:41 | 000,000,000 | ---D | M] -- C:\Users\Janina\AppData\Roaming\Ulead Systems
[2012.07.23 15:56:07 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.09 19:10:10 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.10.12 20:37:38 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.09.07 21:31:19 | 000,000,000 | ---D | M] -- C:\A
[2008.08.13 20:35:53 | 000,000,000 | -HSD | M] -- C:\Boot
[2010.05.16 17:17:30 | 000,000,000 | ---D | M] -- C:\CHFahrschule
[2006.11.02 14:00:38 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2007.11.18 20:56:46 | 000,000,000 | ---D | M] -- C:\DRIVERS
[2012.04.29 22:05:44 | 000,000,000 | -HSD | M] -- C:\found.000
[2012.06.09 08:58:39 | 000,000,000 | -HSD | M] -- C:\found.001
[2007.11.18 20:21:04 | 000,000,000 | ---D | M] -- C:\Intel
[2008.07.20 20:33:50 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2007.11.18 20:41:31 | 000,000,000 | ---D | M] -- C:\MyWorks
[2009.06.12 22:44:47 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2012.04.11 20:06:40 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.08.10 11:39:18 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2008.07.21 12:16:47 | 000,000,000 | ---D | M] -- C:\Programme
[2008.06.05 10:51:39 | 000,000,000 | RHSD | M] -- C:\RRbackups
[2012.08.08 19:57:55 | 000,000,000 | ---D | M] -- C:\SWSHARE
[2008.05.31 17:44:23 | 000,000,000 | ---D | M] -- C:\SWTOOLS
[2012.08.10 18:21:10 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2008.05.31 17:31:12 | 000,000,000 | R--D | M] -- C:\Users
[2012.08.10 18:56:14 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\ed4622e5538dd0902b6f6f3592a40a49\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\ed4622e5538dd0902b6f6f3592a40a49\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.08.13 20:01:28 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008.08.13 20:01:28 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.08.13 20:01:28 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.08.13 20:01:27 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.10.28 14:39:06 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.10.28 14:39:05 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\SoftwareDistribution\Download\ed4622e5538dd0902b6f6f3592a40a49\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTOR.SYS >
[2007.02.12 22:37:22 | 000,537,368 | ---- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2007.02.12 22:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\iaStor.sys
[2007.02.12 22:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\drivers\iaStor.sys
[2007.02.12 22:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\ed4622e5538dd0902b6f6f3592a40a49\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\ed4622e5538dd0902b6f6f3592a40a49\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\ed4622e5538dd0902b6f6f3592a40a49\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\ed4622e5538dd0902b6f6f3592a40a49\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
< MD5 for: USER32.DLL >
[2007.11.18 19:37:42 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\System32\user32.dll
[2007.11.18 19:37:42 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2007.11.18 19:37:42 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\SoftwareDistribution\Download\ed4622e5538dd0902b6f6f3592a40a49\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SoftwareDistribution\Download\ed4622e5538dd0902b6f6f3592a40a49\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SoftwareDistribution\Download\ed4622e5538dd0902b6f6f3592a40a49\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\System32\drivers\ws2ifsl.sys
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\SoftwareDistribution\Download\ed4622e5538dd0902b6f6f3592a40a49\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2010.05.30 19:01:40 | 000,000,241 | ---- | M] () -- C:\Users\Janina\IfolorJavaUpload.data
[2012.08.10 11:39:07 | 000,061,440 | ---- | M] () -- C:\Users\Janina\ms.exe
[2012.08.10 19:10:40 | 003,407,872 | -HS- | M] () -- C:\Users\Janina\ntuser.dat
[2012.08.10 19:10:40 | 000,262,144 | -H-- | M] () -- C:\Users\Janina\ntuser.dat.LOG1
[2008.05.31 17:31:16 | 000,000,000 | -H-- | M] () -- C:\Users\Janina\ntuser.dat.LOG2
[2008.05.31 20:32:12 | 000,065,536 | -HS- | M] () -- C:\Users\Janina\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf
[2008.05.31 20:32:12 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms
[2008.05.31 20:32:12 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms
[2009.05.05 21:25:58 | 000,065,536 | -HS- | M] () -- C:\Users\Janina\NTUSER.DAT{1297f675-39ab-11de-a911-001dd9f5a238}.TM.blf
[2009.05.05 21:25:58 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\NTUSER.DAT{1297f675-39ab-11de-a911-001dd9f5a238}.TMContainer00000000000000000001.regtrans-ms
[2009.05.05 21:25:58 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\NTUSER.DAT{1297f675-39ab-11de-a911-001dd9f5a238}.TMContainer00000000000000000002.regtrans-ms
[2010.06.05 05:56:17 | 000,065,536 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{8ef3e3b2-705e-11df-ac3a-a5c6f8b537bd}.TM.blf
[2010.06.05 05:56:17 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{8ef3e3b2-705e-11df-ac3a-a5c6f8b537bd}.TMContainer00000000000000000001.regtrans-ms
[2010.06.05 05:56:17 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{8ef3e3b2-705e-11df-ac3a-a5c6f8b537bd}.TMContainer00000000000000000002.regtrans-ms
[2011.07.14 19:04:21 | 000,065,536 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{9690b011-ae43-11e0-89ab-9655a5ce2981}.TM.blf
[2011.07.14 19:04:22 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{9690b011-ae43-11e0-89ab-9655a5ce2981}.TMContainer00000000000000000001.regtrans-ms
[2011.07.14 19:04:22 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{9690b011-ae43-11e0-89ab-9655a5ce2981}.TMContainer00000000000000000002.regtrans-ms
[2011.02.05 10:37:12 | 000,065,536 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{d998f0e3-2f15-11e0-b099-8fb0b914de81}.TM.blf
[2011.02.05 10:37:12 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{d998f0e3-2f15-11e0-b099-8fb0b914de81}.TMContainer00000000000000000001.regtrans-ms
[2011.02.05 10:37:12 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{d998f0e3-2f15-11e0-b099-8fb0b914de81}.TMContainer00000000000000000002.regtrans-ms
[2009.09.28 07:13:30 | 000,065,536 | -HS- | M] () -- C:\Users\Janina\NTUSER.DAT{f029c710-abf5-11de-95ed-a72756ef9883}.TM.blf
[2009.09.28 07:13:30 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\NTUSER.DAT{f029c710-abf5-11de-95ed-a72756ef9883}.TMContainer00000000000000000001.regtrans-ms
[2009.09.28 07:13:30 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\NTUSER.DAT{f029c710-abf5-11de-95ed-a72756ef9883}.TMContainer00000000000000000002.regtrans-ms
[2012.02.18 22:11:28 | 000,065,536 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{fd78873e-5a74-11e1-a45f-902523bb8abd}.TM.blf
[2012.02.18 22:11:28 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{fd78873e-5a74-11e1-a45f-902523bb8abd}.TMContainer00000000000000000001.regtrans-ms
[2012.02.18 22:11:29 | 000,524,288 | -HS- | M] () -- C:\Users\Janina\ntuser.dat{fd78873e-5a74-11e1-a45f-902523bb8abd}.TMContainer00000000000000000002.regtrans-ms
[2006.11.02 14:02:02 | 000,000,020 | -HS- | M] () -- C:\Users\Janina\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< End of report > --- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 10.08.2012 19:03:03 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Janina\Downloads
Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000807 | Country: Switzerland | Language: DES | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 77.42% Memory free
4.23 Gb Paging File | 3.95 Gb Available in Paging File | 93.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 128.66 Gb Total Space | 6.17 Gb Free Space | 4.80% Space Free | Partition Type: NTFS
Drive D: | 13.93 Gb Total Space | 11.08 Gb Free Space | 79.55% Space Free | Partition Type: NTFS
Drive F: | 3.80 Gb Total Space | 1.14 Gb Free Space | 30.11% Space Free | Partition Type: FAT32
Computer Name: JANINA-PC | User Name: Janina | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Pixum EasyBook] -- "C:\Program Files\Pixum\Pixum EasyBook\Pixum EasyBook.exe" "%1" ()
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CF10A20-4348-4C61-8A63-BAA490EBAD06}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6F052503-B9C5-4F9D-AB57-157A75D79E5A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{80E75CDF-8516-47BF-8F28-B53CCBBE1C50}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B7F5D065-2ECA-4CDF-A514-3A20C26BF598}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CE309C82-EF63-4713-89C9-BA16D1838781}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D6E46417-C052-4E73-80F3-E348E8FD595B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DE4578D0-F521-46A4-8487-401D7B7E23C6}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{E873BD9A-D1D4-4DCC-8509-5FEF4AE780A4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{075E2C2B-9126-4AB8-BD1D-D09450F8482E}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{11E04BB8-060F-402D-AFE5-5A51394EC479}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{12BE422F-C509-413B-9766-118349205E93}" = dir=in | app=c:\program files\lenovo multimedia center\powerdirector express\pdx.exe |
"{17B4B631-0A81-4307-9971-F6B4B00CE0BA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24141C92-27D0-464F-B56C-0EE7898481D0}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{2AE21519-A0AD-42CB-A407-45BDF5BE6F35}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2CC448F1-A9DB-4639-9853-8B7BF53A1168}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{3F8CD94F-3F6B-42ED-9B76-87FB007625D0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{40334B9D-1444-4A76-BD07-BB6C77C4DF6B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{4145A55F-4294-4461-81DD-EC2F6B03CA14}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{4CD45FD4-6B06-4918-BEDE-8DEFC0B089A3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{63404031-EAF1-4BFE-94B6-F0B0EA52C29D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7A8B9080-97B5-4A94-ACEE-BC78B1AC6C6A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7D236059-0E26-49AD-84EA-6FD80E8F3F7C}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{978D0824-D74C-4437-9CA1-B5030A2E9E9C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{A1FD7D10-01AB-4A2E-A380-34710BF52EDE}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{D5A51CDC-BAD5-49E3-8F98-8866C40E0FD6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{DFA9F5D2-24EB-4BC6-AEAE-B6485843CF17}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{E122372F-428A-4713-A80A-360D86022092}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EC987CF5-7B15-4A65-A549-B3ACA51A0144}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F31A6018-6E62-44B5-A9FB-499384200E2E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{08AC1927-45F1-4AE8-91C4-272F14AF698C}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{1E826A62-DCF8-4E4E-8DE8-CEBEE866224E}C:\program files\aim6\aim6.exe" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"TCP Query User{590C2E9B-C740-4C95-B799-8085A07E9726}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{629FF09C-43A3-4FCE-88EF-070714AD6E8F}C:\program files\chilirec\chilirec.exe" = protocol=6 | dir=in | app=c:\program files\chilirec\chilirec.exe |
"UDP Query User{397BFC6C-5CCC-4910-A532-B868304DBFDC}C:\program files\chilirec\chilirec.exe" = protocol=17 | dir=in | app=c:\program files\chilirec\chilirec.exe |
"UDP Query User{950DAC1A-2B24-465B-A465-AED6C86A7126}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{FAF95790-15BA-4A26-ADBA-52C826671D10}C:\program files\aim6\aim6.exe" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = Lenovo Bluetooth with Enhanced Data Rate Software 6.0.1.4900
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0F4EFCE8-E358-4430-A504-F55F32BA1816}" = Client Security Solution
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Lenovo Multimedia Center
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.33
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62715632-A555-4D9E-9CEC-4F84EB55B07B}" = PM Driver
"{6280149E-EFF3-4F1B-BD43-5B7EDD6F620A}" = Lenovo Care Supplement
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{796E076A-82F7-4D49-98C8-DEC0C3BC733A}" = Diskeeper Home
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E4C16B8-8F76-4940-8505-98E93C00BF19}" = Rescue and Recovery
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007
"{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_WORD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_WORD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_WORD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_WORD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_WORD_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_WORD_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO -viewer-
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A52A504E-18BE-4821-9A2A-BFB4542DA0BD}" = Lenovo PM Driver
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B1F625EB-9691-4889-A864-DA085739F3F0}" = Power Ux Customization
"{B293806D-4407-4287-A00C-E9064174EF89}" = Network Magic
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C73F2967-062E-48F2-A462-D335B8950183}" = Safari
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF52099A-3BEA-4C41-AEA8-1E190F04D737}" = Lenovo Care
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"{DA932D71-E52A-43D5-009E-395A1AEC1474}" = The Sims™ Life Stories
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69BD802-57A2-428F-9CA6-9C006E5F8DFA}" = Cisco AnyConnect Secure Mobility Client
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC422FB2-9F4D-4FB1-A5CE-5F741132EBC5}" = Lenovo Fingerprint Software
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5E65DE4-FACC-4D6F-BFFC-1AB96CB86288}" = First Certificate Language Practice CD-ROM
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF164702-AF8B-4F2F-8038-74A4C536866B}" = Ulead DVD MovieFactory 5 Plus
"6991-5838-3837-9203" = eTax.zug 2010 nP 10.0.5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AIM Toolbar" = AIM Toolbar
"AIM_7" = AIM 7
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AwayTask" = Maintenance Manager
"BSPlayerp" = BS.Player PRO
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"Chilirec_0" = Chilirec 1.02
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-01-24
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0032)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 1324] [2007-07-01]
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.9.908
"InstallShield_{62715632-A555-4D9E-9CEC-4F84EB55B07B}" = PM Driver
"InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"IrfanView" = IrfanView (remove only)
"Lenovo Registration" = Lenovo Registration
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LimeWire" = LimeWire 5.1.2
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = NeroVision Express 2
"NMPUninstallKey" = Nero Media Player
"NVIDIA Drivers" = NVIDIA Drivers
"OnScreenDisplay" = On Screen Display
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Picasa2" = Picasa 2
"Pixum EasyBook" = Pixum EasyBook
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"UltraStar" = UltraStar 0.6.0
"Uninstall_is1" = Uninstall 1.0.0.1
"USBPMon" = Registry patch for Windows Vista USB S3 PM Enablement
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6h
"WinLiveSuite_Wave3" = Windows Live Essentials
"WORD" = Microsoft Office Word 2007
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10.08.2012 13:05:19 | Computer Name = Janina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 22993736
Error - 10.08.2012 13:05:19 | Computer Name = Janina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 22993736
Error - 10.08.2012 13:05:20 | Computer Name = Janina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 10.08.2012 13:05:20 | Computer Name = Janina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 22995047
Error - 10.08.2012 13:05:20 | Computer Name = Janina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 22995047
Error - 10.08.2012 13:05:22 | Computer Name = Janina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 10.08.2012 13:05:22 | Computer Name = Janina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 22996591
Error - 10.08.2012 13:05:22 | Computer Name = Janina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 22996591
Error - 10.08.2012 13:25:54 | Computer Name = Janina-PC | Source = WerSvc | ID = 5007
Description =
Error - 10.08.2012 13:56:59 | Computer Name = Janina-PC | Source = EventSystem | ID = 4609
Description =
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 10.08.2012 13:21:15 | Computer Name = JANINA-PC | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
1194 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31522780
(0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT
Error - 10.08.2012 13:21:15 | Computer Name = JANINA-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1023 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28901363
(0xFE47000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target
Error - 10.08.2012 13:21:15 | Computer Name = JANINA-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
859 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28901363 (0xFE47000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 10.08.2012 13:23:05 | Computer Name = Janina-PC | Source = acvpnui | ID = 67108866
Description = Function: Directory::ReadDir File: .\Utility\Directory.cpp Line: 156
Invoked
Function: ::FindNextFile Return Code: 18 (0x00000012) Description: There are no more
files.
Error - 10.08.2012 13:23:29 | Computer Name = Janina-PC | Source = acvpnui | ID = 67108866
Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_MR30.459670239829\DaVinci_MR3\vpn\Common\Utility/PluginLoader.h
Line:
145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C)
Description:
PLUGINLOADER_ERROR_COULD_NOT_CREATE
Error - 10.08.2012 13:23:29 | Computer Name = Janina-PC | Source = acvpnui | ID = 67108866
Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_MR30.459670239829\DaVinci_MR3\vpn\Common\Utility/PluginLoader.h
Line:
145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C)
Description:
PLUGINLOADER_ERROR_COULD_NOT_CREATE
Error - 10.08.2012 13:23:29 | Computer Name = Janina-PC | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::getDARTInstallDir File: .\mainfrm.cpp Line: 4214
Invoked
Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: No more data
is available.
Error - 10.08.2012 13:23:50 | Computer Name = Janina-PC | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
1058 NULL object. Cannot establish a connection at this time.
Error - 10.08.2012 13:23:50 | Computer Name = Janina-PC | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::showTrayIcon File: .\mainfrm.cpp Line: 2092 Invoked
Function: TrayIconImpl::setState Return Code: -33554425 (0xFE000007) Description:
GLOBAL_ERROR_NOT_INITIALIZED
Error - 10.08.2012 13:23:50 | Computer Name = Janina-PC | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::OnCreate File: .\mainfrm.cpp Line: 419 Invoked
Function: TrayIconImpl::setState Return Code: -33554425 (0xFE000007) Description:
(TIS_DISCONNECTED)
[ OSession Events ]
Error - 03.07.2009 16:46:21 | Computer Name = Janina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.
Error - 31.07.2009 10:56:44 | Computer Name = Janina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 02.09.2009 14:49:14 | Computer Name = Janina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.
Error - 07.09.2009 12:38:59 | Computer Name = Janina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.
Error - 08.09.2009 02:36:52 | Computer Name = Janina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 08.09.2009 13:54:30 | Computer Name = Janina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 10.08.2012 13:19:12 | Computer Name = Janina-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 10.08.2012 13:24:05 | Computer Name = Janina-PC | Source = DCOM | ID = 10005
Description =
Error - 10.08.2012 13:24:05 | Computer Name = Janina-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 10.08.2012 13:24:05 | Computer Name = Janina-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 10.08.2012 13:56:34 | Computer Name = Janina-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 18:54:37 on 10.08.2012 was unexpected.
Error - 10.08.2012 13:56:45 | Computer Name = Janina-PC | Source = DCOM | ID = 10005
Description =
Error - 10.08.2012 13:56:59 | Computer Name = Janina-PC | Source = DCOM | ID = 10005
Description =
Error - 10.08.2012 13:57:00 | Computer Name = Janina-PC | Source = DCOM | ID = 10005
Description =
Error - 10.08.2012 13:57:13 | Computer Name = Janina-PC | Source = DCOM | ID = 10005
Description =
Error - 10.08.2012 14:17:52 | Computer Name = Janina-PC | Source = DCOM | ID = 10005
Description =
< End of report > --- --- --- |