OTL.txt: Code:
OTL logfile created on: 21.12.2012 17:09:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Olli-Rosi\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 66,01% Memory free
6,00 Gb Paging File | 4,60 Gb Available in Paging File | 76,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 579,59 Gb Free Space | 63,66% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,32 Gb Free Space | 51,60% Space Free | Partition Type: NTFS
Computer Name: OLLI-ROSI-PC | User Name: Olli-Rosi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.12.21 17:07:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Olli-Rosi\Desktop\OTL.exe
PRC - [2012.10.04 15:57:58 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.17 04:24:09 | 000,995,352 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe
PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012.08.30 04:05:55 | 001,584,112 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe
PRC - [2012.08.23 14:46:06 | 001,542,680 | ---- | M] (G Data Software AG) -- C:\Programme\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2012.06.04 10:49:40 | 001,899,816 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\InternetSecurity\Firewall\GDFwSvc.exe
PRC - [2012.04.18 10:56:22 | 001,557,160 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2012.03.29 03:42:27 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Programme\Common Files\G Data\GDScan\GDScan.exe
PRC - [2012.02.23 11:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012.01.27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
PRC - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\InternetSecurity\AVK\AVKService.exe
PRC - [2011.10.31 14:42:04 | 000,788,328 | ---- | M] () -- C:\Programme\PhotoDoseNEU\dd.exe
PRC - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.08.29 22:18:39 | 001,164,584 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\meinsparbuchheute.exe
PRC - [2010.03.24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.09.01 16:31:26 | 001,086,760 | ---- | M] (Nero AG) -- C:\Programme\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009.03.30 15:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 15:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.03.24 03:00:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.02.26 18:36:46 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2009.02.26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2007.12.14 16:58:30 | 000,241,664 | ---- | M] () -- C:\Programme\Philips\Philips SPC230NC Webcam\TrayMin230.exe
PRC - [2007.03.16 11:45:30 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
========== Modules (No Company Name) ==========
MOD - [2011.10.31 14:42:04 | 000,788,328 | ---- | M] () -- C:\Programme\PhotoDoseNEU\dd.exe
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.08.29 22:51:50 | 002,195,456 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wstyle10.dll
MOD - [2010.08.29 22:51:42 | 025,182,208 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wstyle110.dll
MOD - [2010.08.29 22:50:14 | 000,827,392 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wform10.dll
MOD - [2010.08.29 22:48:42 | 004,448,256 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wauff10.dll
MOD - [2010.08.29 22:44:59 | 001,101,824 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wfvie10.dll
MOD - [2010.08.29 22:43:15 | 000,077,824 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wsons10.dll
MOD - [2010.08.29 22:42:58 | 001,347,584 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wwerb10.dll
MOD - [2010.08.29 22:40:36 | 001,839,104 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\whau210.dll
MOD - [2010.08.29 22:37:23 | 000,602,112 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\whau110.dll
MOD - [2010.08.29 22:36:23 | 001,200,128 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wbae410.dll
MOD - [2010.08.29 22:34:24 | 002,134,016 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wbae310.dll
MOD - [2010.08.29 22:30:54 | 000,684,032 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wbae210.dll
MOD - [2010.08.29 22:29:25 | 004,046,848 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wbae110.dll
MOD - [2010.08.29 22:24:07 | 001,589,248 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wimp10.dll
MOD - [2010.08.29 22:18:39 | 001,164,584 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\meinsparbuchheute.exe
MOD - [2010.08.29 22:13:47 | 001,216,512 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wfabu10.dll
MOD - [2010.08.29 22:08:32 | 001,212,416 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wreli10.dll
MOD - [2010.08.29 22:07:08 | 009,502,720 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\winc10.dll
MOD - [2010.08.29 21:52:29 | 000,135,168 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wincb10.dll
MOD - [2010.08.29 21:51:35 | 000,077,824 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wglob10.dll
MOD - [2010.08.29 21:51:20 | 001,036,288 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\wsteu10.dll
MOD - [2010.08.29 21:49:39 | 000,233,472 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\rszeus4.dll
MOD - [2010.08.29 21:49:28 | 000,094,208 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\rsdebug4.dll
MOD - [2010.08.29 21:49:07 | 000,122,880 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\rswinapi4.dll
MOD - [2010.07.29 11:13:43 | 009,437,184 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\qtwebkitrs4.dll
MOD - [2010.07.29 10:42:06 | 000,274,432 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\qtsvgrs4.dll
MOD - [2010.07.29 10:41:47 | 000,266,240 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\phononrs4.dll
MOD - [2010.07.29 10:37:53 | 002,416,640 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\qt3supportrs4.dll
MOD - [2010.07.29 10:36:21 | 000,086,016 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\qttestrs4.dll
MOD - [2010.07.29 10:36:08 | 000,704,512 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\qtscriptrs4.dll
MOD - [2010.07.29 10:35:01 | 000,589,824 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\qtsqlrs4.dll
MOD - [2010.07.29 10:34:41 | 008,028,160 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\qtguirs4.dll
MOD - [2010.07.29 10:26:46 | 000,897,024 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\qtnetworkrs4.dll
MOD - [2010.07.29 10:25:54 | 000,364,544 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\qtxmlrs4.dll
MOD - [2010.07.29 10:25:43 | 002,080,768 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\qtcorers4.dll
MOD - [2009.09.21 13:21:58 | 000,151,552 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\rsodbc4.dll
MOD - [2009.09.21 13:21:58 | 000,029,184 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\rsdcom4.dll
MOD - [2007.12.14 16:58:30 | 000,241,664 | ---- | M] () -- C:\Programme\Philips\Philips SPC230NC Webcam\TrayMin230.exe
========== Services (SafeList) ==========
SRV - [2012.12.20 19:26:03 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.09 16:47:47 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.08.30 04:05:55 | 001,584,112 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe -- (AVKWCtl)
SRV - [2012.08.23 14:46:06 | 001,542,680 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Programme\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.04 10:49:40 | 001,899,816 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Programme\G Data\InternetSecurity\Firewall\GDFwSvc.exe -- (GDFwSvc)
SRV - [2012.03.29 03:42:27 | 000,470,008 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Programme\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Programme\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2011.12.10 16:13:23 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\System32\UpdSvc.dll -- (Update-Service)
SRV - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.18 15:19:30 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.03.30 15:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.02.26 18:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2009.02.10 17:01:50 | 000,116,104 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.08.07 09:10:02 | 003,276,800 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Disabled | Stopped] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.07.25 11:00:56 | 000,876,032 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Programme\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Disabled | Stopped] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\OLLI-R~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.12.20 19:20:30 | 000,050,080 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV - [2012.12.20 19:18:55 | 000,093,728 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV - [2012.12.20 19:18:55 | 000,053,664 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\gdwfpcd32.sys -- (gdwfpcd)
DRV - [2012.12.20 19:18:55 | 000,041,888 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\GDBehave.sys -- (GDBehave)
DRV - [2012.12.20 13:08:44 | 000,050,040 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\HookCentre.sys -- (HookCentre)
DRV - [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.08.02 17:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.09.28 00:12:21 | 009,509,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.09.22 14:34:44 | 000,579,072 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009.08.21 21:24:03 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.08.04 16:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.07.30 14:11:40 | 001,488,096 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.06.28 23:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.05.13 12:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2009.05.13 12:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2009.02.20 18:09:16 | 000,044,032 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GigasetGenericUSB.sys -- (GigasetGenericUSB)
DRV - [2007.12.31 16:19:50 | 000,461,056 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SPC230NC.SYS -- (SPC230NC)
DRV - [2007.09.26 14:28:46 | 000,008,576 | ---- | M] (PixArt Imaging Incorporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PAEAFLT.sys -- (PAEAFLT.sys)
DRV - [2005.07.25 10:53:30 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\Windows\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2005.07.25 10:53:28 | 000,101,504 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005.07.25 10:53:04 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2005.07.25 10:52:59 | 000,028,672 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDrm.sys -- (incdrm)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
IE - HKCU\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=NRO&o=101917&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=EV&apn_dtid=&apn_uid=605456EC-5FA9-40E8-B884-6B8CB46F57D2&apn_sauid=AA1C77CA-9C54-4AAE-92BD-FB3750249214
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7IRFC_de
IE - HKCU\..\SearchScopes\{CED21B1A-82FC-4F61-B311-58192BA1F541}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://web.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10395&locale=de_DE&apn_uid=eedde0fb-4c08-40a8-836b-2d50832359c5&apn_ptnrs=%5EABT&apn_sauid=6526C1A9-4538-47F4-8486-E7637A721CD9&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.09 16:47:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.09 16:47:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.09 16:47:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.09 16:47:43 | 000,000,000 | ---D | M]
[2009.11.28 15:37:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olli-Rosi\AppData\Roaming\mozilla\Extensions
[2012.10.23 07:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olli-Rosi\AppData\Roaming\mozilla\Firefox\Profiles\lry94j95.default\extensions
[2012.10.11 18:49:04 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Olli-Rosi\AppData\Roaming\mozilla\Firefox\Profiles\lry94j95.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.04.08 08:40:04 | 000,002,387 | ---- | M] () -- C:\Users\Olli-Rosi\AppData\Roaming\mozilla\firefox\profiles\lry94j95.default\searchplugins\askcom.xml
[2012.12.20 13:08:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.20 19:18:54 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Programme\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2012.12.09 16:47:47 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.23 12:07:34 | 000,599,424 | ---- | M] (3D RealityMaps GmbH) -- C:\Program Files\mozilla firefox\plugins\nprm3d.dll
[2010.05.19 15:38:12 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.06.24 20:39:27 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.01 16:44:50 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.24 20:39:27 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.24 20:39:27 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.24 20:39:27 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.24 20:39:27 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2012.12.21 15:59:35 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKCU..\Run: [Device Detection] C:\Programme\PhotoDoseNEU\dd.exe ()
O4 - HKCU..\Run: [MobileDocuments] C:\Programme\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [Philips Intelligent Agent] C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe (Philips Consumer Electronics)
O4 - Startup: C:\Users\Olli-Rosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\system32\tnns0xnif.dll File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///C:/Users/Olli-Rosi/Videos/Nepal_1/components/hidinputmonitorx.ocx (HidInputMonitorX Control)
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///C:/Users/Olli-Rosi/Videos/Nepal_1/components/A9.ocx (A9Helper.A9)
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///C:/Users/Olli-Rosi/Videos/Nepal_1/components/wmvhdrating.ocx (WMVHDRatingCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.10.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5A021AC-C389-4137-A96C-E6D9738CCD04}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{cbe9ee14-0f4c-4131-9bd0-cc0afcc7511d}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
MsConfig - StartUpReg: Getdo - hkey= - key= - File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: NBJ - hkey= - key= - C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SPC230NC_Monitor - hkey= - key= - C:\Windows\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation)
MsConfig - StartUpReg: SPC_Monitor - hkey= - key= - C:\Windows\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.12.21 17:07:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Olli-Rosi\Desktop\OTL.exe
[2012.12.21 16:03:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.21 14:55:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.21 14:55:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.21 14:55:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.21 14:54:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.21 14:53:51 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.21 14:40:23 | 005,012,825 | R--- | C] (Swearware) -- C:\Users\Olli-Rosi\Desktop\ComboFix.exe
[2012.12.21 13:47:01 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Olli-Rosi\Desktop\tdsskiller.exe
[2012.12.21 13:38:23 | 000,000,000 | ---D | C] -- C:\Users\Olli-Rosi\AppData\Roaming\G Data
[2012.12.21 13:38:21 | 000,000,000 | ---D | C] -- C:\Users\Olli-Rosi\AppData\Local\G DATA
[2012.12.20 19:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2012.12.20 19:43:20 | 000,000,000 | ---D | C] -- C:\Users\Olli-Rosi\AppData\Roaming\QuickScan
[2012.12.20 19:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.12.20 19:18:55 | 000,010,792 | ---- | C] (G Data Software AG) -- C:\Windows\System32\GdScrSv.de.dll
[2012.12.20 17:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012.12.20 13:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2013
[2012.12.20 13:08:53 | 000,050,080 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys
[2012.12.20 13:08:44 | 000,093,728 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2012.12.20 13:08:44 | 000,050,040 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2012.12.20 13:08:43 | 000,041,888 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2012.12.20 13:08:42 | 000,053,664 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2012.12.20 13:07:12 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2012.12.20 13:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data
[2012.12.20 13:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\G Data
[2012.12.20 13:02:07 | 000,000,000 | ---D | C] -- C:\Users\Olli-Rosi\AppData\Local\Downloaded Installations
[2012.12.20 13:00:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012.12.09 16:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.12.03 12:27:24 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.12.03 12:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.12.03 12:27:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.11.23 20:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
========== Files - Modified Within 30 Days ==========
[2012.12.21 17:07:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Olli-Rosi\Desktop\OTL.exe
[2012.12.21 16:54:03 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.21 16:50:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.21 16:13:32 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.21 16:13:32 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.21 16:08:18 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.21 16:06:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.21 16:06:02 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.21 15:59:35 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.12.21 14:41:00 | 005,012,825 | R--- | M] (Swearware) -- C:\Users\Olli-Rosi\Desktop\ComboFix.exe
[2012.12.21 13:47:08 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Olli-Rosi\Desktop\tdsskiller.exe
[2012.12.21 11:50:16 | 000,923,279 | ---- | M] () -- C:\Windows\System32\sig.bin
[2012.12.21 11:50:16 | 000,050,254 | ---- | M] () -- C:\Windows\System32\nmp.map
[2012.12.21 10:35:04 | 000,003,198 | ---- | M] () -- C:\Users\Olli-Rosi\Desktop\G Data Protokoll ID 17 a.html
[2012.12.21 10:34:45 | 000,009,622 | ---- | M] () -- C:\Users\Olli-Rosi\Desktop\G Data Protokoll ID 14.html
[2012.12.20 23:56:18 | 000,218,471 | ---- | M] () -- C:\ProgramData\1356044098.bdinstall.bin
[2012.12.20 20:06:53 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2012.12.20 20:01:54 | 001,082,909 | ---- | M] () -- C:\ProgramData\1356028864.bdinstall.bin
[2012.12.20 20:00:29 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf
[2012.12.20 19:20:30 | 000,050,080 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys
[2012.12.20 19:18:55 | 000,093,728 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2012.12.20 19:18:55 | 000,053,664 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2012.12.20 19:18:55 | 000,041,888 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2012.12.20 17:58:59 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.20 17:57:42 | 000,234,036 | ---- | M] () -- C:\ProgramData\1356022631.bdinstall.bin
[2012.12.20 13:08:44 | 000,050,040 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2012.12.20 13:08:37 | 000,002,108 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity.lnk
[2012.12.20 12:58:34 | 000,647,138 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.20 12:58:34 | 000,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.20 12:58:34 | 000,127,198 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.20 12:58:34 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.19 10:11:12 | 001,030,686 | ---- | M] () -- C:\Users\Olli-Rosi\Documents\5.2 Davos.pdf
[2012.12.14 17:37:40 | 000,510,552 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.23 20:06:16 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.11.23 20:06:16 | 000,002,008 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
========== Files Created - No Company Name ==========
[2012.12.21 14:55:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.21 14:55:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.21 14:55:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.21 14:55:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.21 14:55:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.21 10:42:38 | 000,923,279 | ---- | C] () -- C:\Windows\System32\sig.bin
[2012.12.21 10:42:38 | 000,050,254 | ---- | C] () -- C:\Windows\System32\nmp.map
[2012.12.21 10:35:04 | 000,003,198 | ---- | C] () -- C:\Users\Olli-Rosi\Desktop\G Data Protokoll ID 17 a.html
[2012.12.21 10:34:45 | 000,009,622 | ---- | C] () -- C:\Users\Olli-Rosi\Desktop\G Data Protokoll ID 14.html
[2012.12.20 23:56:18 | 000,218,471 | ---- | C] () -- C:\ProgramData\1356044098.bdinstall.bin
[2012.12.20 20:06:53 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2012.12.20 20:01:54 | 001,082,909 | ---- | C] () -- C:\ProgramData\1356028864.bdinstall.bin
[2012.12.20 20:00:29 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf
[2012.12.20 17:57:42 | 000,234,036 | ---- | C] () -- C:\ProgramData\1356022631.bdinstall.bin
[2012.12.20 13:08:37 | 000,002,108 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity.lnk
[2012.12.19 10:11:12 | 001,030,686 | ---- | C] () -- C:\Users\Olli-Rosi\Documents\5.2 Davos.pdf
[2012.09.16 11:54:06 | 000,122,120 | ---- | C] () -- C:\Users\Olli-Rosi\Vollmacht 1.pdf
[2012.07.01 19:39:22 | 000,091,848 | ---- | C] () -- C:\Users\Olli-Rosi\SAB.htm
[2012.06.24 19:24:47 | 000,880,019 | ---- | C] () -- C:\Users\Olli-Rosi\Foto0177.jpg
[2010.09.14 19:09:46 | 005,397,546 | ---- | C] () -- C:\Users\Olli-Rosi\MAGIX_manual.pdf
[2010.03.06 13:15:10 | 000,000,156 | ---- | C] () -- C:\Users\Olli-Rosi\AppData\Roaming\default.rss
[2009.12.23 08:51:13 | 000,018,944 | ---- | C] () -- C:\Users\Olli-Rosi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.19 09:18:49 | 000,002,063 | ---- | C] () -- C:\Users\Olli-Rosi\Webcam Video Viewer.lnk
[2009.12.04 08:42:58 | 000,118,052 | ---- | C] () -- C:\Users\Olli-Rosi\AppData\Roaming\mdbu.bin
[2009.11.28 20:31:19 | 000,000,056 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsidmv.dat
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011.05.31 20:43:41 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\3D RealityMaps Viewer
[2011.05.31 20:44:01 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\Alpen 3D Online
[2012.01.31 19:10:12 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\Audacity
[2010.02.19 18:10:51 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\Buhl Data Service
[2011.03.06 11:40:24 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\Busms
[2010.08.22 06:25:33 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2010.04.17 18:46:53 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\EPSON
[2010.07.12 15:34:26 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\Fyro
[2012.12.21 13:38:23 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\G Data
[2011.07.14 19:22:40 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\go
[2009.12.12 13:29:03 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\InterTrust
[2012.04.20 19:39:05 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\IrfanView
[2009.12.13 09:46:53 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\Leadertech
[2011.07.30 07:28:03 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\MAGIX
[2010.09.13 16:53:45 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\PanoramaStudio
[2012.12.20 19:43:20 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\QuickScan
[2010.12.04 15:03:54 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\Sesy
[2010.04.17 18:58:51 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\Smart Panel
[2010.07.11 13:20:11 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\Vuav
[2010.12.07 05:02:07 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\Vyli
[2010.12.29 05:16:21 | 000,000,000 | ---D | M] -- C:\Users\Olli-Rosi\AppData\Roaming\WindSolutions
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012.12.21 16:03:09 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2009.11.28 20:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings
[2009.11.28 15:30:32 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.12.21 20:58:45 | 000,000,000 | ---D | M] -- C:\EPSON
[2012.07.24 07:38:55 | 000,000,000 | ---D | M] -- C:\Kaspersky Rescue Disk 10.0
[2009.09.24 16:36:40 | 000,000,000 | R--D | M] -- C:\MSOCache
[2009.10.15 13:55:08 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2012.12.20 17:57:41 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.12.20 23:56:18 | 000,000,000 | ---D | M] -- C:\ProgramData
[2009.11.28 15:30:32 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.12.21 16:03:06 | 000,000,000 | ---D | M] -- C:\Qoobox
[2009.11.28 15:30:32 | 000,000,000 | ---D | M] -- C:\Recovery
[2012.12.21 17:12:11 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.11.28 16:58:37 | 000,000,000 | ---D | M] -- C:\temp
[2009.12.06 16:34:03 | 000,000,000 | R--D | M] -- C:\Users
[2012.12.21 16:00:00 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< C:\Windows\system32\*.tsp >
[2010.08.13 17:57:22 | 000,495,616 | ---- | M] (Gigaset Communications GmbH) -- C:\Windows\system32\Gqstsp.tsp
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 13:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 05:53:46 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.12.26 12:30:08 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009.12.26 12:30:09 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.06.12 20:41:48 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\erdnt\cache\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2008.06.06 13:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\erdnt\cache\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: IASTORV.SYS >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\drivers\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\drivers\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: NVSTOR32.SYS >
[2009.08.04 16:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.08.04 16:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_40ee9c3d357e7b66\nvstor32.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\erdnt\cache\user32.dll
[2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll
< %USERPROFILE%\*.* >
[2012.06.24 19:25:15 | 000,880,019 | ---- | M] () -- C:\Users\Olli-Rosi\Foto0177.jpg
[2010.09.14 19:09:46 | 005,397,546 | ---- | M] () -- C:\Users\Olli-Rosi\MAGIX_manual.pdf
[2012.12.21 17:38:57 | 006,553,600 | -HS- | M] () -- C:\Users\Olli-Rosi\NTUSER.DAT
[2012.12.21 17:38:57 | 000,262,144 | -HS- | M] () -- C:\Users\Olli-Rosi\ntuser.dat.LOG1
[2009.11.28 15:30:53 | 000,000,000 | -HS- | M] () -- C:\Users\Olli-Rosi\ntuser.dat.LOG2
[2010.03.17 10:37:02 | 000,065,536 | -HS- | M] () -- C:\Users\Olli-Rosi\NTUSER.DAT{48497a2f-31a5-11df-8dd7-4061864ac134}.TM.blf
[2010.03.17 10:37:02 | 000,524,288 | -HS- | M] () -- C:\Users\Olli-Rosi\NTUSER.DAT{48497a2f-31a5-11df-8dd7-4061864ac134}.TMContainer00000000000000000001.regtrans-ms
[2010.03.17 10:37:02 | 000,524,288 | -HS- | M] () -- C:\Users\Olli-Rosi\NTUSER.DAT{48497a2f-31a5-11df-8dd7-4061864ac134}.TMContainer00000000000000000002.regtrans-ms
[2009.11.28 16:01:55 | 000,065,536 | -HS- | M] () -- C:\Users\Olli-Rosi\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2009.11.28 16:01:55 | 000,524,288 | -HS- | M] () -- C:\Users\Olli-Rosi\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2009.11.28 16:01:55 | 000,524,288 | -HS- | M] () -- C:\Users\Olli-Rosi\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2009.11.28 15:30:53 | 000,000,020 | -HS- | M] () -- C:\Users\Olli-Rosi\ntuser.ini
[2012.06.27 17:43:28 | 000,021,773 | ---- | M] () -- C:\Users\Olli-Rosi\Renovierung EG_WINDJÄGER.xlsx
[2012.07.01 19:39:23 | 000,091,848 | ---- | M] () -- C:\Users\Olli-Rosi\SAB.htm
[2012.11.09 19:00:25 | 000,023,552 | -HS- | M] () -- C:\Users\Olli-Rosi\Thumbs.db
[2012.09.16 11:54:06 | 000,122,120 | ---- | M] () -- C:\Users\Olli-Rosi\Vollmacht 1.pdf
[2009.12.19 09:18:49 | 000,002,063 | ---- | M] () -- C:\Users\Olli-Rosi\Webcam Video Viewer.lnk
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< >
< End of report >
Und hier Extra.txt: Code:
OTL Extras logfile created on: 21.12.2012 17:09:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Olli-Rosi\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 66,01% Memory free
6,00 Gb Paging File | 4,60 Gb Available in Paging File | 76,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 579,59 Gb Free Space | 63,66% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,32 Gb Free Space | 51,60% Space Free | Partition Type: NTFS
Computer Name: OLLI-ROSI-PC | User Name: Olli-Rosi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\CeWe Color\Mein CEWE FOTOBUCH\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "C:\Program Files\CeWe Color\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [OneNote.Open] -- C:\PROGRA~1\MIF5BA~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Photo Dose - Bestellsoftware] -- "C:\Program Files\PhotoDoseNEU\Loader.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D37DE7-7AB4-41DC-8743-7C4696226D3B}" = lport=137 | protocol=17 | dir=in | app=system |
"{0DC03B8F-D871-4919-9070-B55C8C2F3B47}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1BD96E94-4011-4643-B42D-81C3F67F0DEB}" = rport=138 | protocol=17 | dir=out | app=system |
"{1E3F6AAE-71AB-4427-A524-6E6232A03FDE}" = lport=138 | protocol=17 | dir=in | app=system |
"{22A6F357-E272-436C-BA53-03204CC39CAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{24F91CE8-8B79-4DFC-9069-3B184869ED8A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{320C82CA-864C-4D85-A189-1F976772980F}" = lport=445 | protocol=6 | dir=in | app=system |
"{3276605C-D7CB-447F-B47F-D3C26C6C4FC3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{54B70465-3A61-41C6-BC9E-E7D5AEA54335}" = lport=139 | protocol=6 | dir=in | app=system |
"{5EE3B4C2-C1DD-458A-9BAC-0752BFE5F38D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6D917798-EDCD-416C-B85C-434BB5074D02}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{72A7FCEB-0267-4383-90E4-03A2E15D594B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B8474E9-495A-466D-AFED-EEFB54C2FACC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{84481596-5597-4AB3-881D-9365D9069BFD}" = rport=445 | protocol=6 | dir=out | app=system |
"{8EBEFB85-2A3A-43E1-8506-3B9FE5C2C2A4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{93D8D66B-0951-4589-B1ED-ABCBDC1CA9F3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A56B2C77-3EE7-46A2-90D0-90300B63698D}" = rport=139 | protocol=6 | dir=out | app=system |
"{A9548924-C31F-41FE-BD3E-64D4D5B24FEC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B80D04FF-E500-4441-8313-21BCF970EBE2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BFA1033D-869E-45FD-B99E-18F5B9130F22}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CA0921DD-A5EC-485F-9F8B-7A6100BEB1B8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D16865EB-EDF1-4B9C-AA89-77125985AB3A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D3DBEDBB-64F8-4A9F-BC32-E5C40EC60D1F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DAD4A5A9-5364-4077-9EB4-F479811A604F}" = rport=137 | protocol=17 | dir=out | app=system |
"{EDA1C96B-EDEF-4C24-8E5B-F91D74B30AF4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EF296D7D-12A1-4FCD-AB9E-FC99D09AEF17}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17B3D830-9D54-4E13-8D53-E3163747F154}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1FB96938-713D-4314-9F04-061109A72417}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{22D484BE-B5AC-4CD5-85D1-71E0319C1E9C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{23BAA1D0-7D2A-4ACC-BD29-CE9B655C6FE7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A5ECD12-03C6-43F2-818D-39B9B3297459}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{33F234B5-EB69-4A8A-AC4F-1DAF072C1364}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{39FD6869-4BE0-4AEF-A750-001F56BF32CB}" = protocol=6 | dir=out | app=system |
"{49C9F7A2-4A22-4404-8596-66B501F93EB9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FCFFC18-90BF-451E-BF3F-3DD625831F36}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{5DA814B4-F170-4093-A945-76CCB2F3325B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6CA2E635-24BF-41D6-8AD0-9FAFD354A042}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6E8833BE-2DD0-4614-B52D-ABC9BE2B3B74}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{73309332-1603-4846-B4B5-AFEB5F959D83}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7839612D-FBAE-4DE1-A09F-0F5B8132BF7F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{80E749C6-5163-46D6-A4B5-A2F55FD0F87E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{837FAEBA-772D-49C4-8AD0-9E6158EAD264}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9DD1D537-DA76-492D-9FC8-6845A4E14C34}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{9F2F06CB-B26E-434C-A407-6F386721AB61}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A537D6DB-E3E3-46C6-97B8-D3DB3D29A168}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A8ADAA08-4F03-4906-B703-6C7665E057D3}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{B122104D-9065-419F-AA9E-B13E709B6211}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{BA3BEC9C-A678-4005-A5D5-C3C3B41820C5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BAD685C8-3447-4A2C-856C-180AABA72E60}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C00CF6E4-5825-440C-997A-9CEEAA6CE55C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C1AF34BC-8084-406E-BD35-E7FA73662F68}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{C3CF7EA2-5096-46DF-B562-E993F0E8E611}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CEECAC09-3341-4EA4-9431-90EBB52FC56A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DAD15011-B0AC-40CC-8242-1B593AEFAFDF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DBFE7E4B-CB22-4AF9-9EF8-F0744CCC112A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F08A753A-133E-4A03-B14F-3587DD5B02AC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F450C8E5-747B-4EB2-AC0E-FD2C7C7CBE36}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F6630D38-6924-4687-A230-6D3EB1FEC646}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F77BF01F-CA74-4B5A-A17D-F31A0F9D14EF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F8236EB5-C0A4-44CB-9DB3-C01E61D782D0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{FBEF75C9-5138-40BB-BC8A-B09530DAF398}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{0BDB380E-60C6-45C0-BD9B-FA5F0E3D5540}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe |
"TCP Query User{0EFFC6A7-AAD8-432A-8027-972FE046BE36}C:\program files\philips\intelligent agent\philips intelligent agent.exe" = protocol=6 | dir=in | app=c:\program files\philips\intelligent agent\philips intelligent agent.exe |
"TCP Query User{1293E0E7-2E26-4B55-8015-EAB6E56BF040}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{7644ACB9-3DE4-46EB-9954-BE8395B1AB06}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{950D7345-D931-4E39-9EF5-977F28859F77}C:\windows\temp\navbrowser.exe" = protocol=6 | dir=in | app=c:\windows\temp\navbrowser.exe |
"TCP Query User{AC33AF3D-BA28-4333-BA8F-AB14AA02E7E3}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{E15BB84A-D818-4BD4-98A7-D0A5426F5226}C:\program files\philips\intelligent agent\philips intelligent agent.exe" = protocol=6 | dir=in | app=c:\program files\philips\intelligent agent\philips intelligent agent.exe |
"UDP Query User{4568CE10-AB06-472E-856B-6578FCCF5763}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{74EFB01E-22B0-4F2C-98FC-5D4F2CA78722}C:\program files\philips\intelligent agent\philips intelligent agent.exe" = protocol=17 | dir=in | app=c:\program files\philips\intelligent agent\philips intelligent agent.exe |
"UDP Query User{9C8AD683-F92A-4651-AE38-4850C0D68985}C:\program files\philips\intelligent agent\philips intelligent agent.exe" = protocol=17 | dir=in | app=c:\program files\philips\intelligent agent\philips intelligent agent.exe |
"UDP Query User{AE983031-9023-4067-872F-AA7351FED48E}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe |
"UDP Query User{D75C04E3-875E-4465-B6C8-9591F5D6278D}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{F0D9FE3E-6F3C-49D5-9B9D-B857B4D60889}C:\windows\temp\navbrowser.exe" = protocol=17 | dir=in | app=c:\windows\temp\navbrowser.exe |
"UDP Query User{FE97E7A2-D5F8-4B98-897F-8B397F2BF2BC}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02627EE5-EACA-4742-A9CC-E687631773E4}" = Nero ShowTime
"{037593ae-02ac-4cbd-a9c7-fa76df6913b1}" = Nero 9
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{05F350C6-FA6A-40D0-A130-FB941B39152C}" = Philips SPC230NC Webcam
"{086A7D8C-0A38-4C7F-819A-620275550D5C}" = Nero Burning ROM Help
"{0E1EF887-ED45-4AA6-891E-379CA7876306}" = MAGIX Fotos auf CD & DVD 9 deluxe
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F7F8182-7FA3-4C49-86FD-7B3324806C16}" = MAGIX 3D Maker (embedded MSI)
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID-Anmelde-Assistent
"{1161D415-64B5-45F3-97AD-E1D2786E33FC}" = MAGIX Speed burnR (MSI)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series" = Canon iP4700 series Printer Driver
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C00C7C5-E615-4139-B817-7F4003DE68C0}" = Nero PhotoSnap Help
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BB61B48-FEA6-4096-9201-6FE5AB0CD038}" = MAGIX Screenshare
"{2FBC726B-4E5E-4FAE-B222-C3D343E50015}" = EPSON Photo Print
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Sparbuch 2010
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA590DA-4342-4390-BC8A-40EF3C03A687}" = MAGIX Fotos auf CD & DVD 10 Deluxe
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}" = Nero Vision Help
"{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{65B32A06-A49D-47A4-9863-86DD5F635130}" = MAGIX Online Druck Service
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77E33D87-255E-413E-9C8D-EED2A7F9BEBF}" = Nero Live Help
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7b7e564b-0c70-4506-9ab6-b7a2044425ab}" = Gigaset QuickSync
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{85243696-5E58-4357-9CF8-3498C609941D}" = NeroLiveGadget Help
"{86107E2D-DFB9-46BC-99ED-07EACAEE0923}" = G Data InternetSecurity 2013
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98A67610-A3B5-4098-A423-3708040026D3}" = "Nero SoundTrax Help
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{9E9FDDE6-2C26-492A-85A0-05646B3F2795}" = NeroLiveGadget
"{9FE71A92-DF5D-5880-F8B0-7FF30CE49B44}" = myphotobook.de
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A1973A71-BC23-4A8C-A0A0-2B0497B7EAF4}" = WISO Sparbuch 2008
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD6BC5CC-2EF0-49C4-B33D-CDC8B2C4DC80}" = Nero Recode Help
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B69CC1A5-0404-11D6-ABCB-005004C21D30}" = EPSON Copy Utility
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B9737B90-6903-4C69-BE4B-0D9491AFB280}" = MAGIX Foto Manager 10
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help
"{CECB7782-F35F-45CE-97C0-74BBBDC51C22}" = Webcam Video Viewer
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{DF6A95F5-ADC1-406A-BDC6-2AA7CC0182AA}" = Nero Live
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{EF9A22AC-9FD0-42B5-B0F3-3221AEC48978}" = MAGIX Speed 2 (MSI)
"{F00270EB-90E7-4C58-9665-741BB1017382}" = MAGIX Xtreme Foto Designer 6
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F2574ADC-C8FD-4E2A-8198-46892834EA76}" = TouchCopy 09
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"ALDI Foto Service D" = ALDI Foto Service
"ALDI Nord Foto Manager Free D" = ALDI Nord Foto Manager Free
"Aldi Nord Fotoservice_is1" = Aldi Nord Fotoservice
"ALDI Nord Online Druck Service" = ALDI Nord Online Druck Service 4.6
"ALDI Nord Online Druck Service D" = ALDI Nord Online Druck Service
"AlpenOnlineViewer_is1" = 3D RealityMaps Viewer 1.2.4.3
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Audacity_is1" = Audacity 1.2.6
"Canon iP4700 series Benutzerregistrierung" = Canon iP4700 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = myphotobook.de
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"IrfanView" = IrfanView (remove only)
"MAGIX_MSI_Foto_Manager_10" = MAGIX Foto Manager 10
"MAGIX_MSI_Fotos_auf_CD_DVD_10_Dlx" = MAGIX Fotos auf CD & DVD 10 Deluxe
"MAGIX_MSI_Fotos_auf_CD_DVD_9_dlx" = MAGIX Fotos auf CD & DVD 9 deluxe
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"McAfee Security Scan" = McAfee Security Scan Plus
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"MEDION Fotos auf CD & DVD SE Nord D" = MEDION Fotos auf CD & DVD SE Nord
"Mein CEWE FOTOBUCH" = Mein CEWE FOTOBUCH
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"P2400P Referenzhandbuch" = P2400P Referenzhandbuch
"Philips Intelligent Agent_is1" = Philips Intelligent Agent
"Photo Dose_is1" = PhotoDose 4.2
"ST5UNST #1" = Kaminfeuer Titanium Edition II
"VLC media player" = VLC media player 1.1.5
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"X10Hardware" = X10 Hardware(TM)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich.
"Game Organizer" = EasyBits GO
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16.06.2012 05:37:01 | Computer Name = Olli-Rosi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 12.0.0.4493,
Zeitstempel: 0x4f9207d9 Name des fehlerhaften Moduls: mozglue.dll, Version: 12.0.0.4493,
Zeitstempel: 0x4f91f34c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000374b ID des fehlerhaften
Prozesses: 0x1510 Startzeit der fehlerhaften Anwendung: 0x01cd4ba33cde04a0 Pfad der
fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe Pfad des fehlerhaften
Moduls: C:\Program Files\Mozilla Firefox\mozglue.dll Berichtskennung: d25db700-b796-11e1-85e0-4061864ac134
Error - 23.06.2012 13:23:55 | Computer Name = Olli-Rosi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 12.0.0.4493,
Zeitstempel: 0x4f920759 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset:
0x5e529903 ID des fehlerhaften Prozesses: 0x1738 Startzeit der fehlerhaften Anwendung:
0x01cd5164bda99740 Pfad der fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\plugin-container.exe
Pfad
des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll Berichtskennung: 3500eb90-bd58-11e1-97f2-4061864ac134
Error - 25.06.2012 03:17:20 | Computer Name = Olli-Rosi-PC | Source = Desktop Window Manager | ID = 9020
Description = Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x0)
festgestellt.
Error - 28.06.2012 09:40:30 | Computer Name = Olli-Rosi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16446,
Zeitstempel: 0x4fb57c8f Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x3628 Startzeit der fehlerhaften Anwendung: 0x01cd553391cfd7d8 Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: unknown Berichtskennung: d30cc508-c126-11e1-ba75-4061864ac134
Error - 03.07.2012 09:58:31 | Computer Name = Olli-Rosi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_262.exe,
Version: 11.3.300.262, Zeitstempel: 0x4fe20fae Name des fehlerhaften Moduls: NPSWF32_11_3_300_262.dll,
Version: 11.3.300.262, Zeitstempel: 0x4fe21212 Ausnahmecode: 0xc0000005 Fehleroffset:
0x00005f0c ID des fehlerhaften Prozesses: 0x15e0 Startzeit der fehlerhaften Anwendung:
0x01cd592388fd5e70 Pfad der fehlerhaften Anwendung: C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
Berichtskennung:
2b6979f0-c517-11e1-a383-4061864ac134
Error - 07.07.2012 04:14:52 | Computer Name = Olli-Rosi-PC | Source = VSS | ID = 12310
Description =
Error - 07.07.2012 04:14:52 | Computer Name = Olli-Rosi-PC | Source = VSS | ID = 12298
Description =
Error - 15.08.2012 04:57:15 | Computer Name = Olli-Rosi-PC | Source = Windows Search Service | ID = 3007
Description =
Error - 16.09.2012 13:18:32 | Computer Name = Olli-Rosi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 5.10.0.116, Zeitstempel:
0x50001496 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
0x4ec49b60 Ausnahmecode: 0xc0000264 Fehleroffset: 0x000a1742 ID des fehlerhaften Prozesses:
0x96c Startzeit der fehlerhaften Anwendung: 0x01cd942aa70a6ce0 Pfad der fehlerhaften
Anwendung: C:\Program Files\Skype\Phone\Skype.exe Pfad des fehlerhaften Moduls:
C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 897c6841-0022-11e2-b580-4061864ac134
Error - 10.10.2012 04:54:47 | Computer Name = Olli-Rosi-PC | Source = Windows Search Service | ID = 3007
Description =
[ Media Center Events ]
Error - 11.07.2012 09:09:55 | Computer Name = Olli-Rosi-PC | Source = MCUpdate | ID = 0
Description = 15:09:55 - Fehler beim Herstellen der Internetverbindung. 15:09:55
- Serververbindung konnte nicht hergestellt werden..
Error - 11.07.2012 09:10:02 | Computer Name = Olli-Rosi-PC | Source = MCUpdate | ID = 0
Description = 15:10:00 - Fehler beim Herstellen der Internetverbindung. 15:10:00
- Serververbindung konnte nicht hergestellt werden..
Error - 24.07.2012 01:36:00 | Computer Name = Olli-Rosi-PC | Source = MCUpdate | ID = 0
Description = 07:35:59 - Fehler beim Herstellen der Internetverbindung. 07:35:59
- Serververbindung konnte nicht hergestellt werden..
Error - 24.07.2012 01:36:11 | Computer Name = Olli-Rosi-PC | Source = MCUpdate | ID = 0
Description = 07:36:05 - Fehler beim Herstellen der Internetverbindung. 07:36:05
- Serververbindung konnte nicht hergestellt werden..
Error - 02.08.2012 11:24:24 | Computer Name = Olli-Rosi-PC | Source = MCUpdate | ID = 0
Description = 17:24:24 - Fehler beim Herstellen der Internetverbindung. 17:24:24
- Serververbindung konnte nicht hergestellt werden..
Error - 02.08.2012 11:24:32 | Computer Name = Olli-Rosi-PC | Source = MCUpdate | ID = 0
Description = 17:24:29 - Fehler beim Herstellen der Internetverbindung. 17:24:29
- Serververbindung konnte nicht hergestellt werden..
Error - 02.08.2012 12:25:46 | Computer Name = Olli-Rosi-PC | Source = MCUpdate | ID = 0
Description = 18:25:45 - Fehler beim Herstellen der Internetverbindung. 18:25:45
- Serververbindung konnte nicht hergestellt werden..
Error - 02.08.2012 12:25:56 | Computer Name = Olli-Rosi-PC | Source = MCUpdate | ID = 0
Description = 18:25:51 - Fehler beim Herstellen der Internetverbindung. 18:25:51
- Serververbindung konnte nicht hergestellt werden..
Error - 02.08.2012 13:26:52 | Computer Name = Olli-Rosi-PC | Source = MCUpdate | ID = 0
Description = 19:26:52 - Fehler beim Herstellen der Internetverbindung. 19:26:52
- Serververbindung konnte nicht hergestellt werden..
Error - 02.08.2012 13:27:00 | Computer Name = Olli-Rosi-PC | Source = MCUpdate | ID = 0
Description = 19:26:57 - Fehler beim Herstellen der Internetverbindung. 19:26:57
- Serververbindung konnte nicht hergestellt werden..
[ OSession Events ]
Error - 24.01.2011 09:18:06 | Computer Name = Olli-Rosi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.
Error - 24.01.2011 11:39:27 | Computer Name = Olli-Rosi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.
Error - 24.01.2011 12:58:25 | Computer Name = Olli-Rosi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13
seconds with 0 seconds of active time. This session ended with a crash.
Error - 24.01.2011 12:59:55 | Computer Name = Olli-Rosi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13
seconds with 0 seconds of active time. This session ended with a crash.
Error - 02.02.2011 01:49:12 | Computer Name = Olli-Rosi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 24
seconds with 0 seconds of active time. This session ended with a crash.
Error - 02.02.2011 01:49:24 | Computer Name = Olli-Rosi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 09.03.2011 13:14:26 | Computer Name = Olli-Rosi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 189
seconds with 180 seconds of active time. This session ended with a crash.
Error - 10.03.2011 15:52:21 | Computer Name = Olli-Rosi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 472
seconds with 120 seconds of active time. This session ended with a crash.
Error - 02.06.2011 12:09:43 | Computer Name = Olli-Rosi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.
Error - 22.01.2012 10:09:13 | Computer Name = Olli-Rosi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 5501
seconds with 3060 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 21.12.2012 12:38:14 | Computer Name = Olli-Rosi-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Computerbrowser" ist von folgendem Dienst abhängig: LanmanWorkstation.
Dieser Dienst ist eventuell nicht installiert.
Error - 21.12.2012 12:38:14 | Computer Name = Olli-Rosi-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2
Error - 21.12.2012 12:39:20 | Computer Name = Olli-Rosi-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Computerbrowser" ist von folgendem Dienst abhängig: LanmanWorkstation.
Dieser Dienst ist eventuell nicht installiert.
Error - 21.12.2012 12:39:20 | Computer Name = Olli-Rosi-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Computerbrowser" ist von folgendem Dienst abhängig: LanmanWorkstation.
Dieser Dienst ist eventuell nicht installiert.
Error - 21.12.2012 12:39:20 | Computer Name = Olli-Rosi-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2
Error - 21.12.2012 12:39:20 | Computer Name = Olli-Rosi-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Computerbrowser" ist von folgendem Dienst abhängig: LanmanWorkstation.
Dieser Dienst ist eventuell nicht installiert.
Error - 21.12.2012 12:41:27 | Computer Name = Olli-Rosi-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Computerbrowser" ist von folgendem Dienst abhängig: LanmanWorkstation.
Dieser Dienst ist eventuell nicht installiert.
Error - 21.12.2012 12:41:27 | Computer Name = Olli-Rosi-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Computerbrowser" ist von folgendem Dienst abhängig: LanmanWorkstation.
Dieser Dienst ist eventuell nicht installiert.
Error - 21.12.2012 12:41:27 | Computer Name = Olli-Rosi-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Computerbrowser" ist von folgendem Dienst abhängig: LanmanWorkstation.
Dieser Dienst ist eventuell nicht installiert.
Error - 21.12.2012 12:41:27 | Computer Name = Olli-Rosi-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2
< End of report >
|
