Eispirat11 | 05.09.2012 00:25 | Hier die LogfilesOTL Logfile: Code:
OTL logfile created on: 05.09.2012 00:50:39 - Run 1
OTL by OldTimer - Version 3.2.60.0 Folder = C:\Users\R\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 66,06% Memory free
6,99 Gb Paging File | 5,69 Gb Available in Paging File | 81,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,42 Gb Total Space | 49,97 Gb Free Space | 44,85% Space Free | Partition Type: NTFS
Drive D: | 5,82 Gb Total Space | 0,72 Gb Free Space | 12,42% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 421,24 Gb Free Space | 90,44% Space Free | Partition Type: NTFS
Drive G: | 2,00 Gb Total Space | 1,66 Gb Free Space | 82,84% Space Free | Partition Type: NTFS
Drive H: | 7,66 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 222,98 Gb Total Space | 148,88 Gb Free Space | 66,77% Space Free | Partition Type: NTFS
Drive J: | 7,89 Gb Total Space | 0,93 Gb Free Space | 11,73% Space Free | Partition Type: NTFS
Computer Name: R-HP | User Name: R | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.09.05 00:43:54 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\R\Desktop\OTL.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.19 15:18:38 | 002,568,120 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Programme\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2012.07.14 03:27:37 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.07.14 03:24:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012.07.03 03:21:38 | 026,868,192 | ---- | M] (Dropbox, Inc.) -- C:\Users\R\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.02 17:12:50 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.07.02 17:12:42 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.07.02 17:12:40 | 000,975,288 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.06.17 09:51:58 | 000,075,536 | ---- | M] (SANDBOXIE L.T.D) -- C:\Programme\Sandboxie\SbieSvc.exe
PRC - [2012.06.11 19:19:36 | 000,468,992 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.06.11 19:19:02 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012.05.30 10:29:38 | 007,408,544 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Wacom\Wacom_Tablet.exe
PRC - [2012.05.30 10:29:38 | 003,901,856 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Wacom\Wacom_TouchUser.exe
PRC - [2012.05.30 10:29:38 | 001,624,480 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Wacom\Wacom_TabletUser.exe
PRC - [2012.05.30 10:29:38 | 000,483,744 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Wacom\Wacom_TouchService.exe
PRC - [2011.09.09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
PRC - [2011.05.05 16:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Programme\PDF Complete\pdfsvc.exe
PRC - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.03.17 15:06:50 | 000,132,152 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
PRC - [2011.03.17 15:06:30 | 002,941,496 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
PRC - [2011.03.16 11:26:42 | 000,070,256 | ---- | M] (Portrait Displays, Inc) -- C:\Programme\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
PRC - [2011.03.16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Programme\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2010.11.20 23:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 23:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.10 16:36:48 | 000,110,592 | ---- | M] (Broadcom Corporation) -- C:\Programme\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
PRC - [2009.03.16 00:47:28 | 000,122,880 | ---- | M] () -- C:\Windows\System32\WinMsgBalloonServer.exe
PRC - [2009.03.16 00:47:24 | 000,139,264 | ---- | M] () -- C:\Windows\System32\WinMsgBalloonClient.exe
PRC - [2009.03.16 00:47:22 | 000,122,880 | ---- | M] (AMD) -- C:\Programme\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009.03.16 00:47:20 | 000,065,536 | ---- | M] () -- C:\Programme\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2006.09.19 09:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe
========== Modules (No Company Name) ==========
MOD - [2012.07.28 15:01:48 | 000,877,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
MOD - [2012.07.21 14:56:40 | 000,092,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll
MOD - [2012.07.21 14:56:40 | 000,077,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll
MOD - [2012.07.15 16:05:21 | 000,115,137 | ---- | M] () -- C:\Users\R\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
MOD - [2012.07.15 16:02:02 | 014,336,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\05ad0cf032033919336e9a3facdf73d1\Kies.Theme.ni.dll
MOD - [2012.07.15 16:02:02 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9287058baeb2cad006deda841913c692\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.07.15 16:02:01 | 000,506,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\b75b9de1dd49837d194511e6470c5ed2\Kies.Common.MediaDB.ni.dll
MOD - [2012.07.15 16:02:00 | 000,194,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\4401f8d840e3d7a09d7f555a53d713ef\ASF_cSharpAPI.ni.dll
MOD - [2012.07.15 16:02:00 | 000,062,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\b3c444af553319740da198117843ff51\Kies.Common.AllShare.ni.dll
MOD - [2012.07.15 16:02:00 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\7659186cf36ec04feb3156802c29507d\Kies.Common.StoreManager.ni.dll
MOD - [2012.07.15 16:01:59 | 000,276,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\dd028c91e8f8852ab2ed9cb1cc92d4d9\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.07.15 16:01:59 | 000,189,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\25cf4f8787b24f2e1a104df1aad22a0b\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.07.15 16:01:59 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AdminCmdAgent\8c8e5aa9d6ccbb5d34bc24fb6c626953\AdminCmdAgent.ni.dll
MOD - [2012.07.15 16:01:58 | 000,563,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e002cf93ab409473876e76984c252387\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.07.15 16:01:58 | 000,561,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a6cd23051fb43779426900c9d2acd6e7\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.07.15 16:01:58 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\96cb2ec6e8aeaacd26c6034d876f3ac2\Interop.DevFileServiceLib.ni.dll
MOD - [2012.07.15 16:01:56 | 001,011,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\347871493efe3049b2de559aece4c546\Kies.Common.DeviceService.ni.dll
MOD - [2012.07.15 16:01:56 | 000,894,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\990946db7d3660a87a755b44979c79f3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.07.15 16:01:56 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\d94dc15b2daff1d72d41f1def3a0b021\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.07.15 16:01:55 | 002,187,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\2cc285c6ad5cfbaebadc53d46dff3cd6\Kies.Common.Multimedia.ni.dll
MOD - [2012.07.15 16:01:54 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.07.15 16:01:54 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.07.15 16:01:54 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.07.15 16:01:54 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\ef9f4aaffdadfc31070e1a838951b277\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.07.15 16:01:52 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\b9f54fbb09b9a5adfa8a342a07011ea2\Kies.Common.MainUI.ni.dll
MOD - [2012.07.15 16:01:51 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.07.15 16:01:51 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\d3f05f6604ef947139cd48fbb08f5206\Kies.Common.DBManager.ni.dll
MOD - [2012.07.15 16:01:50 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.07.15 16:01:49 | 001,671,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\8c9ec54428e115ef6846cccd69247d70\Kies.UI.ni.dll
MOD - [2012.07.15 16:01:49 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.07.15 16:01:49 | 000,261,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\5ebd38662499550bf9665913962f6b3d\Kies.Common.Util.ni.dll
MOD - [2012.07.15 16:01:48 | 001,381,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\7a59be2dfd1d3f99b3489eea8df66016\Kies.Locale.ni.dll
MOD - [2012.07.15 16:01:48 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.07.15 16:01:47 | 001,181,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\73962fb5234895e46e79de6e1711d093\Kies.Interface.ni.dll
MOD - [2012.07.15 16:01:47 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.07.15 16:01:47 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\adb0105c92aaf42f571a2fd25a4228a9\Kies.MVVM.ni.dll
MOD - [2012.07.15 16:01:41 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.07.15 16:01:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.07.15 16:01:30 | 001,690,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\85a198a48a4b5798d882cabc4d5489dd\Kies.ni.exe
MOD - [2012.07.15 16:01:29 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.07.15 15:58:39 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.07.15 15:58:26 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.07.15 15:58:17 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.07.15 15:58:17 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.07.15 15:58:13 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.07.15 15:58:12 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.07.15 15:58:07 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.07.15 15:58:02 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.07.15 15:58:00 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.07.15 15:57:59 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.07.15 15:57:53 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.07.14 03:16:51 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2012.07.14 03:16:51 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_de_b77a5c561934e089\System.Core.resources.dll
MOD - [2012.07.14 03:16:45 | 000,167,936 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll
MOD - [2012.07.14 03:16:43 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2012.07.13 19:50:47 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012.07.13 19:49:43 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012.07.13 19:45:11 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012.07.13 19:45:07 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012.07.13 19:44:57 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012.07.13 19:44:49 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.07.13 19:44:47 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012.07.13 19:44:45 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.07.13 19:44:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.07.13 19:44:33 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll
MOD - [2012.07.13 19:44:33 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
MOD - [2012.07.13 19:44:32 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012.07.13 19:44:29 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.07.13 19:44:24 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.07.13 19:44:22 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.07.13 19:44:19 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.07.13 19:44:15 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.07.13 19:44:11 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.07.02 17:12:50 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.05.30 10:29:38 | 000,963,488 | ---- | M] () -- C:\Programme\Tablet\Wacom\libxml2.dll
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.01.08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2011.03.17 15:09:16 | 000,036,408 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Power Assistant\HPPA_Remote.dll
MOD - [2011.03.17 15:08:42 | 000,097,336 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
MOD - [2011.03.17 15:08:30 | 000,046,136 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Power Assistant\Graphs.dll
MOD - [2010.12.13 13:49:12 | 000,886,272 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.DLL
MOD - [2010.11.20 23:29:11 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010.11.13 01:19:05 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.05.27 12:40:48 | 000,270,336 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.04.16 14:20:06 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.06.10 23:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2006.09.19 09:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe
========== Services (SafeList) ==========
SRV - [2012.08.25 03:59:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.19 15:18:38 | 002,568,120 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Programme\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2012.07.14 00:15:26 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.17 09:51:58 | 000,075,536 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012.06.11 19:19:02 | 000,217,600 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.05.30 10:29:38 | 007,408,544 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Wacom\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV - [2012.05.30 10:29:38 | 000,483,744 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Wacom\Wacom_TouchService.exe -- (TouchServiceWacom)
SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.09.09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011.05.05 16:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011.03.17 15:06:50 | 000,132,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV - [2011.03.16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Programme\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2010.11.20 23:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.10 16:36:48 | 000,110,592 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Programme\Broadcom\MgmtAgent\BrcmMgmtAgent.exe -- (BrcmMgmtAgent)
SRV - [2009.03.16 00:47:22 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Programme\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2007.05.31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.14 00:03:36 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.06.17 09:51:54 | 000,137,488 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012.06.11 20:58:44 | 008,733,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.06.11 18:25:48 | 000,295,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.05.30 10:30:06 | 000,056,184 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wachidrouter.sys -- (WacHidRouter)
DRV - [2012.05.30 10:30:06 | 000,011,640 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2012.05.07 14:42:30 | 000,013,688 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.06.02 07:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.06.02 07:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.06.02 07:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.11.04 21:52:50 | 000,064,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2010.11.04 21:52:50 | 000,032,384 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010.05.06 11:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.10.20 15:15:00 | 000,185,912 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.14 01:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009.05.11 11:55:12 | 000,084,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\basp.sys -- (Blfp)
DRV - [2009.05.05 12:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2007.03.27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMDTDF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{263AC96D-6973-4C7B-BA7B-C8207F88397E}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={sear
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMDTDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "hxxp://www.google.de/search?q="
FF - prefs.js..network.proxy.type: 4
FF - HKLM\Software\MozillaPlugins\@xxxxx.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\xxxxx Acrobat: C:\Program Files\xxxxx\Acrobat 9.0\Acrobat\Air\nppdf32.dll (xxxxx Systems Inc.)
FF - HKLM\Software\MozillaPlugins\xxxxx Reader: C:\Program Files\xxxxx\Reader 10.0\Reader\AIR\nppdf32.dll (xxxxx Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\R\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\R\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.30 19:52:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.03 22:46:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.15 15:09:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2012.07.13 20:02:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\R\AppData\Roaming\mozilla\Extensions
[2012.09.05 00:41:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\R\AppData\Roaming\mozilla\Firefox\Profiles\opyqcdm6.default\extensions
[2012.07.15 15:22:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\R\AppData\Roaming\mozilla\Firefox\Profiles\opyqcdm6.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.07.15 15:22:32 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\R\AppData\Roaming\mozilla\Firefox\Profiles\opyqcdm6.default\extensions\DeviceDetection@logitech.com
[2012.07.15 15:22:33 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\R\AppData\Roaming\mozilla\Firefox\Profiles\opyqcdm6.default\extensions\ich@maltegoetz.de
[2012.05.18 21:22:46 | 000,000,933 | ---- | M] () -- C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\opyqcdm6.default\searchplugins\11-suche.xml
[2012.05.18 21:22:46 | 000,002,419 | ---- | M] () -- C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\opyqcdm6.default\searchplugins\englische-ergebnisse.xml
[2012.05.18 21:22:46 | 000,010,525 | ---- | M] () -- C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\opyqcdm6.default\searchplugins\gmx-suche.xml
[2012.05.18 21:22:46 | 000,002,457 | ---- | M] () -- C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\opyqcdm6.default\searchplugins\lastminute.xml
[2012.05.18 21:22:46 | 000,005,508 | ---- | M] () -- C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\opyqcdm6.default\searchplugins\webde-suche.xml
[2012.09.03 22:46:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.08.30 19:52:48 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.07.19 16:29:32 | 000,060,833 | ---- | M] () (No name found) -- C:\USERS\R\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OPYQCDM6.DEFAULT\EXTENSIONS\FIREDIFF@JOHNJBARTON.COM.XPI
[2012.09.05 00:41:51 | 000,010,175 | ---- | M] () (No name found) -- C:\USERS\R\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OPYQCDM6.DEFAULT\EXTENSIONS\INFO@CSSUPDATER.COM.XPI
[2012.08.25 04:00:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.08.25 04:49:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.25 04:49:52 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.08.25 04:49:52 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.25 04:49:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.25 04:49:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.25 04:49:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage:
CHR - homepage:
CHR - Extension: avast! WebRep = C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
O1 HOSTS File: ([2012.07.14 15:25:08 | 000,003,971 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 80 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - Startup: C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\R\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3AE44DF0-E084-4141-811A-99ECB2745418}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.06.13 11:12:34 | 000,000,043 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - I:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2e682a4f-cd03-11e1-b9f0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2e682a4f-cd03-11e1-b9f0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\start.exe
O33 - MountPoints2\{72bfeed9-cd34-11e1-8040-6431501cd21b}\Shell - "" = AutoRun
O33 - MountPoints2\{72bfeed9-cd34-11e1-8040-6431501cd21b}\Shell\AutoRun\command - "" = H:\start.exe -- [2011.06.30 15:56:48 | 005,695,384 | R--- | M] (video2brain )
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: PDF Complete - hkey= - key= - C:\Programme\PDF Complete\pdfsty.exe (PDF Complete Inc)
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.09.05 00:43:52 | 000,599,040 | ---- | C] (OldTimer Tools) -- C:\Users\R\Desktop\OTL.exe
[2012.09.03 22:53:40 | 000,000,000 | ---D | C] -- C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.09.03 22:31:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.09.03 22:31:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.09.02 16:31:42 | 000,000,000 | ---D | C] -- C:\Users\R\AppData\Roaming\vlc
[2012.09.02 16:31:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.09.02 16:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012.09.01 02:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.08.27 14:03:03 | 000,000,000 | ---D | C] -- C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends
[2012.08.27 13:21:10 | 000,000,000 | ---D | C] -- C:\xampp
[2012.08.26 18:17:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012.08.26 18:14:25 | 000,000,000 | ---D | C] -- C:\Users\R\AppData\Roaming\eType
[2012.08.26 18:14:10 | 000,000,000 | ---D | C] -- C:\Users\R\AppData\Roaming\Babylon
[2012.08.17 17:45:28 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2012.08.10 13:23:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2012.08.10 13:07:37 | 000,666,024 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\System32\WibuCm32.dll
[2012.08.10 13:07:37 | 000,000,000 | ---D | C] -- C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v4
[2012.08.10 13:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\CodeMeter
[2012.08.10 13:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\GetData
[2012.08.08 23:49:46 | 000,000,000 | ---D | C] -- C:\Users\R\AppData\Roaming\Leadertech
[2012.08.08 23:49:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2012.08.08 23:49:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012.08.08 23:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012.08.08 23:49:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2012.08.08 23:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2012.08.08 23:47:55 | 000,000,000 | ---D | C] -- C:\Users\R\AppData\Roaming\Logitech
[2012.08.08 23:47:55 | 000,000,000 | ---D | C] -- C:\Users\R\AppData\Roaming\Logishrd
========== Files - Modified Within 30 Days ==========
[2012.09.05 00:46:21 | 000,002,402 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012.09.05 00:43:54 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\R\Desktop\OTL.exe
[2012.09.05 00:01:00 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.04 23:57:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-74249840-2228024122-3059207861-1000UA.job
[2012.09.04 22:57:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-74249840-2228024122-3059207861-1000Core.job
[2012.09.04 21:14:04 | 000,016,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.04 21:14:04 | 000,016,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.04 21:11:32 | 000,696,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.04 21:11:32 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.04 21:11:32 | 000,147,916 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.04 21:11:32 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.04 21:08:05 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.04 21:06:58 | 000,000,000 | -H-- | M] () -- C:\ProgramData\cm-lock
[2012.09.04 21:06:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.04 21:06:51 | 2814,947,328 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.03 22:53:41 | 000,002,336 | ---- | M] () -- C:\Users\R\Desktop\Google Chrome.lnk
[2012.09.03 22:50:45 | 000,000,304 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForR.job
[2012.09.03 22:46:28 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.09.02 16:31:13 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.30 19:52:48 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.08.27 14:03:03 | 000,000,608 | ---- | M] () -- C:\Users\R\Desktop\XAMPP Control Panel.lnk
[2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.08.21 11:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.08.21 11:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.08.17 17:46:10 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2012.08.15 03:18:01 | 003,649,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.10 13:23:07 | 000,001,797 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2012.08.10 13:11:30 | 000,001,196 | ---- | M] () -- C:\Users\R\Desktop\Recover My Files.lnk
========== Files Created - No Company Name ==========
[2012.09.04 21:06:58 | 000,000,000 | -H-- | C] () -- C:\ProgramData\cm-lock
[2012.09.03 22:53:41 | 000,002,336 | ---- | C] () -- C:\Users\R\Desktop\Google Chrome.lnk
[2012.09.03 22:52:45 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-74249840-2228024122-3059207861-1000UA.job
[2012.09.03 22:52:45 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-74249840-2228024122-3059207861-1000Core.job
[2012.09.03 22:46:28 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.09.03 22:46:28 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.09.02 16:31:13 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.27 14:03:03 | 000,000,608 | ---- | C] () -- C:\Users\R\Desktop\XAMPP Control Panel.lnk
[2012.08.17 17:46:10 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2012.08.17 17:45:35 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2012.08.10 13:07:38 | 000,001,196 | ---- | C] () -- C:\Users\R\Desktop\Recover My Files.lnk
[2012.07.15 22:33:02 | 000,000,191 | ---- | C] () -- C:\Windows\System32\HPPA.ini
[2012.07.14 03:17:33 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2012.07.14 03:17:32 | 000,696,620 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2012.07.14 03:17:32 | 000,147,916 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2012.07.14 03:17:32 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2012.07.13 22:59:27 | 000,002,402 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012.07.13 20:16:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.06.26 16:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.06.26 16:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.06.26 16:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.06.26 16:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.06.26 16:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.06.11 18:41:48 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.06.11 18:41:48 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.04.12 21:30:10 | 000,637,743 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.11.20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
========== LOP Check ==========
[2012.08.26 18:14:10 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\Babylon
[2012.07.14 00:06:44 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\DAEMON Tools Lite
[2012.09.04 21:08:17 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\Dropbox
[2012.07.27 14:09:29 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\elsterformular
[2012.08.26 18:16:42 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\eType
[2012.08.13 02:20:26 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\FileZilla
[2012.07.16 20:29:57 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\GalileoPress
[2012.08.08 23:49:46 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\Leadertech
[2012.07.15 16:05:16 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\Samsung
[2012.07.21 00:10:04 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.07.15 15:07:21 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\Thunderbird
[2012.07.21 14:54:49 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Roaming\WinBatch
[2009.07.14 06:53:46 | 000,020,034 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012.08.15 17:01:19 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2012.07.13 20:38:56 | 000,000,000 | ---D | M] -- C:\AMD
[2012.09.03 22:50:35 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.07.13 17:58:37 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.07.13 17:59:17 | 000,000,000 | RHSD | M] -- C:\HP
[2009.07.14 04:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.09.03 22:31:04 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.09.04 21:06:58 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.07.13 17:58:37 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.02.10 22:33:59 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.07.14 15:38:38 | 000,000,000 | R--D | M] -- C:\Sandbox
[2012.07.13 19:12:59 | 000,000,000 | ---D | M] -- C:\SWSETUP
[2012.09.05 00:52:10 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.07.13 19:12:55 | 000,000,000 | -H-D | M] -- C:\system.sav
[2012.07.15 16:21:13 | 000,000,000 | ---D | M] -- C:\Temp
[2012.07.13 17:59:10 | 000,000,000 | R--D | M] -- C:\Users
[2012.09.05 00:46:21 | 000,000,000 | ---D | M] -- C:\Windows
[2012.08.27 14:06:36 | 000,000,000 | ---D | M] -- C:\xampp
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %windir%\installer\*. /5 >
[2012.09.03 22:31:08 | 000,000,000 | ---D | M] -- C:\Windows\installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
[2012.09.03 22:37:33 | 000,000,000 | ---D | M] -- C:\Windows\installer\{AC76BA86-7AD7-1031-7B44-AA1000000001}
< %localappdata%\*. /5 >
[2012.09.03 22:52:45 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Local\Google
[2012.09.05 00:49:30 | 000,000,000 | ---D | M] -- C:\Users\R\AppData\Local\Temp
< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: USER32.DLL >
[2010.11.20 23:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 23:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< End of report > --- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 05.09.2012 00:50:39 - Run 1
OTL by OldTimer - Version 3.2.60.0 Folder = C:\Users\R\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 66,06% Memory free
6,99 Gb Paging File | 5,69 Gb Available in Paging File | 81,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,42 Gb Total Space | 49,97 Gb Free Space | 44,85% Space Free | Partition Type: NTFS
Drive D: | 5,82 Gb Total Space | 0,72 Gb Free Space | 12,42% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 421,24 Gb Free Space | 90,44% Space Free | Partition Type: NTFS
Drive G: | 2,00 Gb Total Space | 1,66 Gb Free Space | 82,84% Space Free | Partition Type: NTFS
Drive H: | 7,66 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 222,98 Gb Total Space | 148,88 Gb Free Space | 66,77% Space Free | Partition Type: NTFS
Drive J: | 7,89 Gb Total Space | 0,93 Gb Free Space | 11,73% Space Free | Partition Type: NTFS
Computer Name: R-HP | User Name: R | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{012AE7AA-6E2E-4FAC-9605-15F4D620FBC0}" = rport=138 | protocol=17 | dir=out | app=system |
"{0301C5AB-B34C-4945-95C2-0D996A94A092}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{1375EBE9-DA9A-4972-839A-93D52FFE647A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14346479-2A42-47BA-B438-8FC684475DF0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4AA124DC-BA9B-40EA-BFE3-1C3685A94F27}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4C3F35D1-B044-4FC0-9A50-25D28A365A42}" = lport=445 | protocol=6 | dir=in | app=system |
"{568CF5C5-624E-456B-8EE8-8DFB66524934}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{673239C1-2702-41D5-B4DF-C12F36AD3EE4}" = rport=445 | protocol=6 | dir=out | app=system |
"{6BCC1344-FC94-4023-AFED-CC006A8B18AF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6F0A0222-0677-48F1-B8F4-B4F9013DC50C}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{76BA04BB-FCC4-4ED9-B31B-C6022B66354D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{804EF7CD-5B49-4723-83F1-B6EE503C1213}" = rport=139 | protocol=6 | dir=out | app=system |
"{882CCA47-E289-4B38-BF9D-9803A2D868B7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{886F43FB-6510-4CD9-BFFE-C9ACC094347E}" = rport=137 | protocol=17 | dir=out | app=system |
"{8942D051-BCC8-4426-8A35-D180F2F04E31}" = lport=2869 | protocol=6 | dir=in | app=system |
"{897652EB-5B03-463B-82DD-D846B4D7E840}" = lport=139 | protocol=6 | dir=in | app=system |
"{8CF1BD0B-A2AD-4A37-8984-E18DF03D8B07}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{94301F77-9491-40B6-9495-0A35F32C9108}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{95EF7AF0-7C8F-4D31-ACC4-03127C817349}" = lport=137 | protocol=17 | dir=in | app=system |
"{9A5DD8E4-3F14-4FC0-88B8-5057EF240B30}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A8EA3341-AF24-478C-9EBA-F80F20FEF26A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AEBA4B03-7DA2-46F9-935D-984EEEEEE199}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{B6F0C020-3DF0-40F3-9F24-8BDF631430AF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C2E7FE8D-8C12-41BE-9487-D7542B6B6EDF}" = lport=138 | protocol=17 | dir=in | app=system |
"{C8321D5F-B078-4B31-AA2F-A42712404888}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{CD30D31A-2BC1-4088-8C95-2B94CFEA4BCA}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DBD00219-59BD-4924-99A6-BF53BC3BCBDC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD45599A-598C-4172-A1C8-E71F09883EC2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EA12D637-BC01-4EC5-BD85-54D2CD8F2F4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF108B1D-5419-4BE0-A3A2-182F1D7B8321}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F7C07BB-CC4A-4B68-8A57-A746846828AB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{11ED8C4A-369C-4F01-A126-27D246ACD8A6}" = protocol=6 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"{19E399EC-6F0C-417D-8918-A90896485CD6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1B38219B-3127-4EAC-840D-FC7B4F79E8F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1C10C058-0522-4F30-BCBD-8E4FD36865D0}" = protocol=6 | dir=out | app=system |
"{1D4812FF-D5EC-4ADD-A893-6B4A1E8ED85E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{249BCA5D-A530-4A7A-BC9A-852DA9552877}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{28A571CD-908F-47F3-976D-5F497903BCE9}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2BC1493F-F9D6-4104-A994-EA9ED0CB7985}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C9CFAEE-D671-4D15-96D1-A87681F0D467}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{362B60C1-E4E5-469C-A841-8E67B32E8691}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{382D4287-6823-4A85-9672-1A2E123801C9}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{4264E8D5-CF19-4F1A-B8A2-D00ABF0AE805}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{438186E3-9291-4635-9391-A6DF3F2FA765}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4CE6E7CE-76C4-499B-B334-6F2396FED437}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{64E91BDB-FA3F-4058-AAAC-830BF79A8CFC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6AF6AC11-A712-44A6-8DA5-7FA0C54F448C}" = protocol=17 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{6FA3AD31-172F-4617-AAA2-45AB6EEE230B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{762B97C0-8A8E-4F18-8335-8822D2FF7BD8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7974E1DD-9009-421D-B1CC-402291870679}" = protocol=6 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{79E33D81-B761-4AEA-BB3B-983620B0985F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7F6BEB97-45DD-4B73-95C6-D991B29CFD97}" = protocol=17 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"{905109B6-66D6-4ED2-A340-85AB471F70CB}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{92C5C326-4E80-4B02-B005-8D734EB209E9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B522E0BC-E72F-4980-8D8A-CDBC78D106B6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C086033B-4C13-48C2-840B-890117A2BDA2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C334D673-8C7F-40CE-8557-0A5BE05B0AEC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CDDD3638-0434-46AA-877B-CA81236E412A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF7FEF38-3931-45BF-BB50-09111B7E99C8}" = protocol=6 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{D1604F5B-3E30-4C88-82B0-3EB14EA14213}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6D5074E-5EDA-426C-9ABE-B9DCB92F6B66}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D88FAD08-EA94-41BD-8171-EF2DC7DECDA7}" = protocol=17 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{E0D440F9-80C2-4F54-AB71-327B6F84C9CB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FABE04CD-C37D-4C75-9FC6-617764948A27}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"TCP Query User{38952ED8-AD7B-485C-8183-6E865BBAAE8B}C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{4FD8A343-1C4E-4358-99E1-1C6C5B8EEEFC}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{5382F03E-C8AD-4AA1-8438-902F90401F5A}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{6B5ABF2E-339A-43F4-9360-1816CD68B22C}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{816C11E4-9EF4-4F48-A81E-C1F987A7BFB0}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe |
"TCP Query User{E4B3C25F-7E93-46D9-97C9-D21AECEC2DE0}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{F8B970D2-FC80-4FD4-8C4F-10358A089F31}C:\xampp\filezillaftp\filezillaserver.exe" = protocol=6 | dir=in | app=c:\xampp\filezillaftp\filezillaserver.exe |
"UDP Query User{1F75BABD-0678-4174-A2FA-F0C5958D9B05}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{355DE1CE-7495-4AE5-85BA-361370AD2B41}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{5875C6A7-0BE6-4FBD-926A-4C53EDBBFE8E}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe |
"UDP Query User{962D94C4-6E22-472E-84C4-5F29A7C96E4A}C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\r\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{9935DC00-A661-4A52-8AFF-39973750CDB6}C:\xampp\filezillaftp\filezillaserver.exe" = protocol=17 | dir=in | app=c:\xampp\filezillaftp\filezillaserver.exe |
"UDP Query User{9FA20A41-420D-4545-A10F-9B4621E55A2B}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{C51A7CE4-FA2E-4957-A10D-A95818B4F9E2}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06BE72CC-7FCB-4E54-8936-72F7F6EB5F84}" = HP Setup
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CA1005F-B640-0354-EC82-F8F7447A8E8A}" = CCC Help Hungarian
{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0FC472C3-6A2A-969F-10E7-E8F61B18117C}" = Catalyst Control Center Localization All
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP460" = Canon MP460
"{12076C90-4A78-7241-F633-4D2B019D5611}" = CCC Help Thai
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{17E11EC2-3736-10A1-330C-CC7EB6CAC6B3}" = CCC Help Turkish
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{31B75145-DF24-C759-E735-9C129956961E}" = CCC Help Spanish
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{59F5C54C-ED39-58B4-42DA-3F20AB440E49}" = CCC Help Czech
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{641C1B16-FD4C-0F97-47AE-76637FC64225}" = CCC Help English
"{64B157C9-C291-2535-8177-237BC2D37EBF}" = CCC Help Korean
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79C2D7F9-3BF8-52C1-6A7A-84C9296171F8}" = CCC Help German
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7B29E627-71A5-6824-3F85-DBEF19624BD0}" = ccc-core-static
"{7E5C379D-035B-815D-E087-4CEA06C76A08}" = AMD Drag and Drop Transcoding
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85C3024B-A974-450C-4D46-C031F801F5EC}" = ccc-utility
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{88B2BB7B-A684-E8E3-65C6-DDC5DC152C2A}" = CCC Help French
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"{8CB77076-DB66-5D92-7886-807226C9CE4B}" = CCC Help Italian
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94F4B1D4-0BCC-E5C6-4EAE-F1A287383D5B}" = CCC Help Finnish
"{98838C21-AD83-77AA-3B09-F437C6F24F8F}" = CCC Help Dutch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6F56DA-7051-6677-4E5A-9DC6C573F2B5}" = CCC Help Portuguese
"{9FE051B0-39BC-F5DD-C99B-0D4793184C2A}" = CCC Help Chinese Standard
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA6B96C4-7AF5-3F6A-E630-4096508A9C47}" = CCC Help Danish
"{ACFB6965-D714-3786-6B50-58E21223CB96}" = ATI AVIVO Codecs
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B48E87FE-A8D9-EE14-B607-3FA1ACEF218E}" = CCC Help Norwegian
"{B4FA8E67-D299-485A-407B-05A2681BAF47}" = CCC Help Japanese
"{BB05BC7D-BEF8-7A7B-C62E-F1BE381E70BB}" = CCC Help Swedish
"{C3FA3CCE-2A88-0976-B875-4B3E9D41204D}" = Catalyst Control Center Graphics Previews Common
"{CC3ABC81-D0BA-4790-84DC-08B702D81D95}" = HP Power Assistant
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{CE9B60E1-BC90-DADA-0935-02F51FB9228C}" = AMD Catalyst Install Manager
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D34F0251-1C96-09B3-EE29-2A9148413252}" = CCC Help Chinese Traditional
"{D54A0D86-35B0-BFC8-174B-D991EDF903B8}" = Catalyst Control Center Graphics Previews Vista
"{D5610369-AF78-386F-4985-9822654973A3}" = CCC Help Polish
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E937F8DA-8C7F-ADFE-7EA5-7C1CAAB23C05}" = HydraVision
"{ECD129A4-5A21-1977-0849-6913BA6BA29C}" = CCC Help Russian
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3C79C7B-585D-4D80-B042-677AC7564FCA}" = Broadcom Management Programs
"{F77D44EB-2A6E-E2EE-7C30-40A5409B2650}" = CCC Help Greek
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.25 alpha
"avast" = avast! Free Antivirus
"CanonMyPrinter" = Canon My Printer
"DAEMON Tools Lite" = DAEMON Tools Lite
"ElsterFormular" = ElsterFormular
"ExamDiff_is1" = ExamDiff 1.9 (Build 1.9.0.0)
"FileZilla Client" = FileZilla Client 3.5.3
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PDF Complete" = PDF Complete Special Edition
"Picasa 3" = Picasa 3
"Recover My Files_is1" = Recover My Files
"Recuva" = Recuva
"Sandboxie" = Sandboxie 3.72 (32-bit)
"sp6" = Logitech SetPoint 6.32
"VLC media player" = VLC media player 2.0.3
"Wacom Tablet Driver" = Wacom Tablett
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"xampp" = XAMPP 1.8.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19.08.2012 05:47:32 | Computer Name = R-HP | Source = WinMgmt | ID = 10
Description =
Error - 20.08.2012 05:08:02 | Computer Name = R-HP | Source = WinMgmt | ID = 10
Description =
Error - 21.08.2012 20:31:33 | Computer Name = R-HP | Source = WinMgmt | ID = 10
Description =
Error - 22.08.2012 10:31:40 | Computer Name = R-HP | Source = WinMgmt | ID = 10
Description =
Error - 22.08.2012 15:45:51 | Computer Name = R-HP | Source = WinMgmt | ID = 10
Description =
Error - 25.08.2012 09:32:40 | Computer Name = R-HP | Source = WinMgmt | ID = 10
Description =
Error - 26.08.2012 11:59:19 | Computer Name = R-HP | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 11.08.2012 12:59:58 | Computer Name = R-HP | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR4 gefunden.
Error - 11.08.2012 12:59:59 | Computer Name = R-HP | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR4 gefunden.
Error - 11.08.2012 13:00:00 | Computer Name = R-HP | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR4 gefunden.
Error - 11.08.2012 16:21:22 | Computer Name = R-HP | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 13.08.2012 13:26:17 | Computer Name = R-HP | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 16.08.2012 07:28:53 | Computer Name = R-HP | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 16.08.2012 07:48:06 | Computer Name = R-HP | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 25.08.2012 11:16:00 | Computer Name = R-HP | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 25.08.2012 11:22:05 | Computer Name = R-HP | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 27.08.2012 07:10:21 | Computer Name = R-HP | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
< End of report > --- --- --- |