| Motormouse | 21.05.2013 17:33 |
Voilà Code:
OTL logfile created on: 21.05.2013 20:19:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = H:\
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
6.00 Gb Total Physical Memory | 5.41 Gb Available Physical Memory | 90.21% Memory free
11.99 Gb Paging File | 11.41 Gb Available in Paging File | 95.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.66 Gb Total Space | 46.69 Gb Free Space | 47.81% Space Free | Partition Type: NTFS
Drive D: | 195.32 Gb Total Space | 131.18 Gb Free Space | 67.16% Space Free | Partition Type: NTFS
Drive E: | 172.78 Gb Total Space | 34.87 Gb Free Space | 20.18% Space Free | Partition Type: NTFS
Drive H: | 3.75 Gb Total Space | 3.28 Gb Free Space | 87.45% Space Free | Partition Type: FAT32
Computer Name: ISRA | User Name: scb | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.21 20:02:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- H:\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.30 23:46:46 | 000,296,448 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe -- (SystemStoreService)
SRV - [2012.11.16 14:08:21 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012.11.09 12:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.24 19:49:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.09.23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.12 22:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.09.12 22:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.07.06 01:47:00 | 001,258,856 | R--- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.01.17 12:24:10 | 000,055,296 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\ASGT.exe -- (ASGT)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010.11.21 05:24:09 | 000,254,464 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2010.11.21 05:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.12.08 18:15:26 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2008.11.18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Stopped] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.10.26 20:00:50 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.09.28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.30 23:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.03 02:25:18 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.10.16 07:44:56 | 001,309,696 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.11.04 04:21:08 | 000,098,144 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV - [2013.05.21 19:39:37 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
IE - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp
IE - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
IE - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6D 7D 45 50 F3 C3 CD 01 [binary data]
IE - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001\..\SearchScopes\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}: "URL" = hxxp://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=de&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
IE - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.ch/"
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10025&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: D:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.14 20:04:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.16 11:20:48 | 000,000,000 | ---D | M]
[2012.11.16 15:15:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\scb\AppData\Roaming\mozilla\Extensions
[2013.02.05 19:38:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\scb\AppData\Roaming\mozilla\Firefox\Profiles\rs93dmg2.default\extensions
[2013.02.05 19:38:29 | 000,169,792 | ---- | M] () (No name found) -- C:\Users\scb\AppData\Roaming\mozilla\firefox\profiles\rs93dmg2.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012.12.31 15:46:20 | 000,003,915 | ---- | M] () -- C:\Users\scb\AppData\Roaming\mozilla\firefox\profiles\rs93dmg2.default\searchplugins\sweetim.xml
[2012.11.16 15:15:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.24 19:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.25 00:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.25 00:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.25 00:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.25 00:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.25 00:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.25 00:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.startfenster.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: Google Drive = C:\Users\scb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\scb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\scb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SweetIM for Facebook = C:\Users\scb\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: Google Mail = C:\Users\scb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Google Drive = C:\Users\scb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\scb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\scb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SweetIM for Facebook = C:\Users\scb\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: Google Mail = C:\Users\scb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL File not found
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll File not found
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001..\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] E:\Documents\26044f61.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild in &Microsoft PhotoDraw öffnen - res://C:\PROGRA~2\MICROS~1\Office\1031\phdintl.dll/phdContext.htm File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild in &Microsoft PhotoDraw öffnen - res://C:\PROGRA~2\MICROS~1\Office\1031\phdintl.dll/phdContext.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39386E82-0D7E-4B52-B592-B10E3AB0DB05}: DhcpNameServer = 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2CABF98-E92F-44D3-B15E-A353D0F66773}: NameServer = 62.112.150.2 62.112.129.138
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1608641657-4023151620-1790342431-1001 Winlogon: Shell - (cmd.exe) - cmd.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6422d048-2fd3-11e2-988b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6422d048-2fd3-11e2-988b-806e6f6e6963}\Shell\AutoRun\command - "" = G:\start.exe /checksection
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.22 00:16:59 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.05.16 10:11:32 | 000,000,000 | ---D | C] -- C:\Users\scb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MirageIIIB
[2013.05.12 19:09:53 | 000,000,000 | ---D | C] -- C:\Users\scb\Desktop\Ferien
[2013.05.09 13:13:39 | 000,000,000 | ---D | C] -- C:\Users\scb\AppData\Roaming\CadSoft
[2013.05.01 23:47:43 | 000,000,000 | ---D | C] -- C:\Users\scb\Desktop\Philips Page
[2013.05.01 12:32:34 | 000,000,000 | -HSD | C] -- C:\RECYCLER
========== Files - Modified Within 30 Days ==========
[2013.05.21 20:19:12 | 001,611,160 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.21 20:19:12 | 000,696,132 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.21 20:19:12 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.21 20:19:12 | 000,147,428 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.21 20:19:12 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.21 20:14:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.21 20:14:50 | 535,535,615 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.21 19:39:47 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.21 19:39:37 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.05.21 17:02:57 | 000,003,368 | ---- | M] () -- C:\bootsqm.dat
[2013.05.20 20:50:28 | 000,262,144 | ---- | M] () -- C:\Windows\DEFAULT
[2013.05.20 17:54:25 | 000,000,986 | ---- | M] () -- C:\Users\scb\Desktop\WS_FTP95.lnk
[2013.05.20 17:54:25 | 000,000,617 | ---- | M] () -- C:\Users\scb\Desktop\XnView.lnk
[2013.05.20 17:53:14 | 000,000,752 | ---- | M] () -- C:\Users\scb\Desktop\Stellar Phoenix Windows Data Recovery - Professional.lnk
[2013.05.20 17:53:11 | 000,001,230 | ---- | M] () -- C:\Users\scb\Desktop\MirIII_Airports.lnk
[2013.05.20 17:53:04 | 000,001,227 | ---- | M] () -- C:\Users\scb\Desktop\MIIIB_docFRA.lnk
[2013.05.20 17:53:04 | 000,001,227 | ---- | M] () -- C:\Users\scb\Desktop\MIIIB_docENG.lnk
[2013.05.20 17:53:03 | 000,000,823 | ---- | M] () -- C:\Users\scb\Desktop\Instant Scenery Readme.lnk
[2013.05.20 17:53:03 | 000,000,768 | ---- | M] () -- C:\Users\scb\Desktop\LibraryMaker.lnk
[2013.05.20 17:53:03 | 000,000,624 | ---- | M] () -- C:\Users\scb\Desktop\IrfanView.lnk
[2013.05.20 17:53:00 | 000,000,600 | ---- | M] () -- C:\Users\scb\Desktop\FSDyn!.lnk
[2013.05.20 17:52:58 | 000,001,810 | ---- | M] () -- C:\Users\scb\Desktop\Free Video to Flash Converter.lnk
[2013.05.20 17:52:58 | 000,001,069 | ---- | M] () -- C:\Users\scb\Desktop\FS Design Studio V2.lnk
[2013.05.20 17:52:58 | 000,000,639 | ---- | M] () -- C:\Users\scb\Desktop\DXTBmp.lnk
[2013.05.20 17:51:43 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.05.20 17:51:43 | 000,001,681 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.05.20 17:51:43 | 000,001,678 | ---- | M] () -- C:\Users\Public\Desktop\REX Essential Plus Overdrive.lnk
[2013.05.20 17:51:43 | 000,000,743 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013.lnk
[2013.05.20 14:20:18 | 000,104,506 | ---- | M] () -- C:\Users\scb\AppData\Local\2433f433
[2013.05.20 14:19:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.20 14:09:42 | 000,082,182 | ---- | M] () -- C:\Users\scb\Desktop\Valvo_VHF_VD1.jpg
[2013.05.20 13:53:56 | 000,002,540 | ---- | M] () -- C:\Users\scb\Desktop\DSC_0473_mov.HDP
[2013.05.20 13:40:08 | 002,869,549 | ---- | M] () -- C:\Users\scb\Desktop\Versuch_1.wmv
[2013.05.20 12:53:22 | 042,582,746 | ---- | M] () -- C:\Users\scb\Desktop\DSC_0478.MOV
[2013.05.20 12:52:42 | 037,842,707 | ---- | M] () -- C:\Users\scb\Desktop\DSC_0477.MOV
[2013.05.20 12:52:18 | 018,553,411 | ---- | M] () -- C:\Users\scb\Desktop\DSC_0476.MOV
[2013.05.20 12:31:14 | 053,684,982 | ---- | M] () -- C:\Users\scb\Desktop\DSC_0473.MOV
[2013.05.20 11:04:10 | 000,022,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.20 11:04:10 | 000,022,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.19 18:39:49 | 179,042,856 | ---- | M] () -- C:\Users\scb\Desktop\fs9 2013-05-19 17-58-44-84.avi
[2013.05.19 18:38:42 | 167,944,013 | ---- | M] () -- C:\Users\scb\Desktop\fs9 2013-05-19 17-58-44-84.zip
[2013.05.19 15:29:09 | 000,093,498 | ---- | M] () -- C:\Users\scb\Desktop\Onken_Grundplatte.jpg
[2013.05.19 15:28:18 | 000,121,106 | ---- | M] () -- C:\Users\scb\Desktop\Onken_Grundplatte_2.jpg
[2013.05.18 02:24:57 | 002,049,724 | ---- | M] () -- C:\Users\scb\Desktop\Unbenannt.png
[2013.05.16 14:23:07 | 000,080,632 | ---- | M] () -- C:\Users\scb\Desktop\BC238.jpg
[2013.05.16 14:20:45 | 000,877,082 | ---- | M] () -- C:\Users\scb\Desktop\DSC_0449.jpg
[2013.05.16 14:20:09 | 000,267,756 | ---- | M] () -- C:\Users\scb\Desktop\P1010024.jpg
[2013.05.16 10:09:30 | 104,118,337 | ---- | M] () -- C:\Users\scb\Desktop\restauravia_M3B_v1.zip
[2013.05.16 10:00:33 | 000,033,059 | ---- | M] () -- C:\Users\scb\Desktop\Pikettdienst_Arbeitsgesetz.pdf
[2013.05.16 09:54:17 | 000,028,794 | ---- | M] () -- C:\Users\scb\Desktop\ArGV1_art14_april2010_de.pdf
[2013.05.15 17:58:39 | 000,183,931 | ---- | M] () -- C:\Users\scb\Desktop\BRE_New.jpg
[2013.05.14 23:52:18 | 002,708,992 | ---- | M] () -- C:\Users\scb\Desktop\Background_3.mix
[2013.05.14 23:45:43 | 000,627,489 | ---- | M] () -- C:\Users\scb\Desktop\DSC_0434.jpg
[2013.05.14 00:51:40 | 001,817,600 | ---- | M] () -- C:\Users\scb\Desktop\Background_2.mix
[2013.05.13 21:44:48 | 000,787,725 | ---- | M] () -- C:\Users\scb\Desktop\DSC_0430.jpg
[2013.05.13 12:00:26 | 002,018,198 | ---- | M] () -- C:\Users\scb\Desktop\2006-10-08 Bau- und Betriebsanleitung MegaScopeClock V 2 (2).pdf
[2013.05.13 12:00:26 | 002,018,198 | ---- | M] () -- C:\Users\scb\Desktop\2006-10-08 Bau- und Betriebsanleitung MegaScopeClock V 2 (2) - Kopie.pdf
[2013.05.13 12:00:26 | 002,018,198 | ---- | M] () -- C:\Users\scb\Desktop\2006-10-08 Bau- und Betriebsanleitung MegaScopeClock V 2 (2) - Kopie - Kopie.pdf
[2013.05.12 19:43:44 | 000,000,471 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2013.05.10 12:59:04 | 000,078,988 | ---- | M] () -- C:\Users\scb\Desktop\d7-16gj.pdf
[2013.05.09 16:16:56 | 000,000,539 | ---- | M] () -- C:\Users\scb\Desktop\basket.xml
[2013.05.07 16:47:52 | 000,090,338 | ---- | M] () -- C:\Users\scb\Desktop\Schema1007_new.jpg
[2013.05.06 19:41:48 | 000,097,783 | ---- | M] () -- C:\Users\scb\Desktop\Onken.jpg
[2013.05.05 18:47:22 | 000,030,965 | ---- | M] () -- C:\Users\scb\Desktop\IMG_0719.jpg
[2013.05.05 14:48:27 | 000,143,872 | ---- | M] () -- C:\Users\scb\Desktop\BRE.mix
[2013.05.05 14:22:50 | 000,776,192 | ---- | M] () -- C:\Users\scb\Desktop\Schema1007_2.mix
[2013.05.05 12:55:47 | 000,072,651 | ---- | M] () -- C:\Users\scb\Desktop\Schema1007.jpg
[2013.05.02 01:59:29 | 001,254,912 | ---- | M] () -- C:\Users\scb\Desktop\logo.mix
[2013.05.02 01:30:00 | 000,047,675 | ---- | M] () -- C:\Users\scb\Desktop\Philips-logo.png
[2013.05.01 23:47:28 | 000,345,600 | ---- | M] () -- C:\Users\scb\Desktop\Background.mix
[2013.04.30 11:40:52 | 000,000,687 | ---- | M] () -- C:\Users\scb\Desktop\Homepages.lnk
[2013.04.27 10:55:08 | 000,140,602 | ---- | M] () -- E:\Documents\BC 326.jpg
========== Files Created - No Company Name ==========
[2013.05.22 01:34:07 | 000,262,144 | ---- | C] () -- C:\Windows\DEFAULT
[2013.05.21 17:02:57 | 000,003,368 | ---- | C] () -- C:\bootsqm.dat
[2013.05.20 14:20:18 | 000,104,506 | ---- | C] () -- C:\Users\scb\AppData\Local\2433f433
[2013.05.20 14:08:52 | 000,082,182 | ---- | C] () -- C:\Users\scb\Desktop\Valvo_VHF_VD1.jpg
[2013.05.20 13:53:56 | 000,002,540 | ---- | C] () -- C:\Users\scb\Desktop\DSC_0473_mov.HDP
[2013.05.20 13:53:48 | 042,582,746 | ---- | C] () -- C:\Users\scb\Desktop\DSC_0478.MOV
[2013.05.20 13:53:46 | 037,842,707 | ---- | C] () -- C:\Users\scb\Desktop\DSC_0477.MOV
[2013.05.20 13:53:46 | 018,553,411 | ---- | C] () -- C:\Users\scb\Desktop\DSC_0476.MOV
[2013.05.20 13:39:45 | 002,869,549 | ---- | C] () -- C:\Users\scb\Desktop\Versuch_1.wmv
[2013.05.20 13:33:04 | 053,684,982 | ---- | C] () -- C:\Users\scb\Desktop\DSC_0473.MOV
[2013.05.19 18:36:55 | 167,944,013 | ---- | C] () -- C:\Users\scb\Desktop\fs9 2013-05-19 17-58-44-84.zip
[2013.05.19 17:59:14 | 179,042,856 | ---- | C] () -- C:\Users\scb\Desktop\fs9 2013-05-19 17-58-44-84.avi
[2013.05.19 15:29:09 | 000,093,498 | ---- | C] () -- C:\Users\scb\Desktop\Onken_Grundplatte.jpg
[2013.05.19 15:28:18 | 000,121,106 | ---- | C] () -- C:\Users\scb\Desktop\Onken_Grundplatte_2.jpg
[2013.05.18 02:24:15 | 002,049,724 | ---- | C] () -- C:\Users\scb\Desktop\Unbenannt.png
[2013.05.16 14:22:11 | 000,080,632 | ---- | C] () -- C:\Users\scb\Desktop\BC238.jpg
[2013.05.16 14:20:09 | 000,267,756 | ---- | C] () -- C:\Users\scb\Desktop\P1010024.jpg
[2013.05.16 14:12:51 | 000,877,082 | ---- | C] () -- C:\Users\scb\Desktop\DSC_0449.jpg
[2013.05.16 10:11:32 | 000,001,230 | ---- | C] () -- C:\Users\scb\Desktop\MirIII_Airports.lnk
[2013.05.16 10:11:32 | 000,001,227 | ---- | C] () -- C:\Users\scb\Desktop\MIIIB_docFRA.lnk
[2013.05.16 10:11:32 | 000,001,227 | ---- | C] () -- C:\Users\scb\Desktop\MIIIB_docENG.lnk
[2013.05.16 10:08:09 | 104,118,337 | ---- | C] () -- C:\Users\scb\Desktop\restauravia_M3B_v1.zip
[2013.05.16 10:00:33 | 000,033,059 | ---- | C] () -- C:\Users\scb\Desktop\Pikettdienst_Arbeitsgesetz.pdf
[2013.05.16 09:54:17 | 000,028,794 | ---- | C] () -- C:\Users\scb\Desktop\ArGV1_art14_april2010_de.pdf
[2013.05.15 17:58:39 | 000,183,931 | ---- | C] () -- C:\Users\scb\Desktop\BRE_New.jpg
[2013.05.14 23:52:17 | 002,708,992 | ---- | C] () -- C:\Users\scb\Desktop\Background_3.mix
[2013.05.14 23:45:43 | 000,627,489 | ---- | C] () -- C:\Users\scb\Desktop\DSC_0434.jpg
[2013.05.14 10:32:46 | 002,018,198 | ---- | C] () -- C:\Users\scb\Desktop\2006-10-08 Bau- und Betriebsanleitung MegaScopeClock V 2 (2) - Kopie - Kopie.pdf
[2013.05.14 10:26:57 | 002,018,198 | ---- | C] () -- C:\Users\scb\Desktop\2006-10-08 Bau- und Betriebsanleitung MegaScopeClock V 2 (2) - Kopie.pdf
[2013.05.13 22:04:40 | 001,817,600 | ---- | C] () -- C:\Users\scb\Desktop\Background_2.mix
[2013.05.13 21:44:15 | 000,787,725 | ---- | C] () -- C:\Users\scb\Desktop\DSC_0430.jpg
[2013.05.13 12:00:26 | 002,018,198 | ---- | C] () -- C:\Users\scb\Desktop\2006-10-08 Bau- und Betriebsanleitung MegaScopeClock V 2 (2).pdf
[2013.05.10 12:59:04 | 000,078,988 | ---- | C] () -- C:\Users\scb\Desktop\d7-16gj.pdf
[2013.05.09 16:16:56 | 000,000,539 | ---- | C] () -- C:\Users\scb\Desktop\basket.xml
[2013.05.07 15:09:50 | 000,090,338 | ---- | C] () -- C:\Users\scb\Desktop\Schema1007_new.jpg
[2013.05.06 19:41:48 | 000,097,783 | ---- | C] () -- C:\Users\scb\Desktop\Onken.jpg
[2013.05.05 18:47:22 | 000,030,965 | ---- | C] () -- C:\Users\scb\Desktop\IMG_0719.jpg
[2013.05.05 14:48:27 | 000,143,872 | ---- | C] () -- C:\Users\scb\Desktop\BRE.mix
[2013.05.05 14:22:50 | 000,776,192 | ---- | C] () -- C:\Users\scb\Desktop\Schema1007_2.mix
[2013.05.05 12:47:49 | 000,072,651 | ---- | C] () -- C:\Users\scb\Desktop\Schema1007.jpg
[2013.05.02 01:59:29 | 001,254,912 | ---- | C] () -- C:\Users\scb\Desktop\logo.mix
[2013.05.02 01:30:09 | 000,047,675 | ---- | C] () -- C:\Users\scb\Desktop\Philips-logo.png
[2013.05.01 23:47:27 | 000,345,600 | ---- | C] () -- C:\Users\scb\Desktop\Background.mix
[2013.04.30 11:40:55 | 000,000,687 | ---- | C] () -- C:\Users\scb\Desktop\Homepages.lnk
[2013.04.27 19:25:46 | 000,092,214 | ---- | C] () -- C:\Windows\SysNative\matrix.scr
[2013.04.27 10:55:08 | 000,140,602 | ---- | C] () -- E:\Documents\BC 326.jpg
[2013.03.15 21:54:57 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2013.03.15 21:26:54 | 000,000,052 | ---- | C] () -- C:\Windows\videodeLuxe.INI
[2013.03.15 21:18:12 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\cpuinf32.dll
[2013.03.15 21:12:30 | 000,001,208 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013.03.13 18:46:40 | 000,393,256 | ---- | C] () -- C:\Windows\SysWow64\CNQ4809N.DAT
[2013.02.27 19:05:30 | 001,588,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.15 17:06:22 | 000,000,039 | ---- | C] () -- C:\Windows\spwdrp.INI
[2012.11.20 17:17:08 | 000,000,040 | -HS- | C] () -- C:\Windows\cnerolf.bin
[2012.11.16 17:16:40 | 000,000,153 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2012.11.16 17:16:40 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2012.11.16 17:16:39 | 000,022,898 | ---- | C] () -- C:\Windows\HL-3070CW.INI
[2012.11.16 17:15:28 | 000,000,471 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.11.16 17:15:26 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012.11.16 17:15:26 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012.11.16 17:14:56 | 000,000,326 | ---- | C] () -- C:\Windows\Brownie.ini
[2012.11.16 17:05:41 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.11.16 14:04:51 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.11.16 14:04:51 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012.01.17 12:24:10 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\ASGT.exe
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
Code:
OTL Extras logfile created on: 21.05.2013 20:19:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = H:\
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
6.00 Gb Total Physical Memory | 5.41 Gb Available Physical Memory | 90.21% Memory free
11.99 Gb Paging File | 11.41 Gb Available in Paging File | 95.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.66 Gb Total Space | 46.69 Gb Free Space | 47.81% Space Free | Partition Type: NTFS
Drive D: | 195.32 Gb Total Space | 131.18 Gb Free Space | 67.16% Space Free | Partition Type: NTFS
Drive E: | 172.78 Gb Total Space | 34.87 Gb Free Space | 20.18% Space Free | Partition Type: NTFS
Drive H: | 3.75 Gb Total Space | 3.28 Gb Free Space | 87.45% Space Free | Partition Type: FAT32
Computer Name: ISRA | User Name: scb | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1608641657-4023151620-1790342431-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05BD592C-A722-40EC-AE8F-7741D27AB2DE}" = rport=138 | protocol=17 | dir=out | app=system |
"{0C7DC496-199A-4C6A-BC09-0F8245F44EE9}" = lport=445 | protocol=6 | dir=in | app=system |
"{120E1AEB-9219-4AC7-AD4B-C266CD86A9EA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{191E054B-CB99-474E-9024-9365D369A02A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{248887C0-73C4-4EAB-BCF7-942A497DB44C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{26514C49-4F06-4968-B7B9-59BAF2817B9A}" = lport=138 | protocol=17 | dir=in | app=system |
"{2C0FD673-EE09-4EE4-8599-C870B7257CF5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5E53D79A-8762-4D08-9B3F-B02DA7F0C8E9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5EFCB6E8-237E-4329-BAB0-2FD6CDFB5106}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{67020595-961F-4F19-987D-8BBE2A12156C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{67BC5FCB-7F89-4BC3-AD85-DECAD42BD593}" = lport=139 | protocol=6 | dir=in | app=system |
"{67C28E0D-41CE-4020-8C65-279696443B5B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6945DED7-3AD0-4B92-AED7-D389C28532FA}" = rport=445 | protocol=6 | dir=out | app=system |
"{734CFF57-15E2-4C0B-BDF5-7B0219232B6B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{78F08526-D94F-4A24-9CC8-C5D222C2A9D1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{85709124-3E8B-4C80-B961-5C899C1642F6}" = lport=137 | protocol=17 | dir=in | app=system |
"{984186F5-30E5-45B4-A60D-274286988025}" = rport=139 | protocol=6 | dir=out | app=system |
"{ABC709F6-ACA6-4F45-83C4-D8DE85143144}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AD583A50-4CF6-49D6-9BF9-0F35863F6AAD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B594AE00-99D9-4638-8C9C-1DD4B3779AA5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BEB29DE1-2E7F-4DD4-991F-50C2C68FFC58}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C0113DA8-B8F2-4D99-BD30-D5924303F93B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C498E6CD-8EAA-491F-87F4-52CC27CB51C3}" = rport=137 | protocol=17 | dir=out | app=system |
"{CF284082-FFD6-46B5-8821-975150E4C193}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F89420AC-5974-4969-86D8-053F0F5AEE09}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06EB5B3E-92D8-4674-829B-66B33B0D8F12}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{08A40B8D-0992-4B55-8C76-B70F0667D8C4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1486FDAC-D4AF-4FD0-87A7-D6FCCBEC1A26}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1FEE23B9-C721-4ACA-A34F-DEF1390D0E3C}" = protocol=6 | dir=out | app=system |
"{21D01621-AC99-4F85-9ECB-4E753DF2BD80}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2721C036-8C57-4291-9A96-9DC2FC3908CD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{392BF767-FEC6-4987-9751-982185A71510}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{399352B3-FF5C-401C-980C-D6C6384186DA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{449660F7-CE76-4711-BAFD-47C94A539BD3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4C1A66AA-5C93-447A-AC58-DA014279E7AC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{519ABD4F-340D-462C-9548-CFAEE3E57EF8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6138CBBB-B354-46BF-8E5D-8D42BA85BD51}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{61C9EBA5-A83F-4455-9BA0-E56063349754}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{678616BC-B0E8-4B1E-9EF6-4A3367392BBB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6873DEB3-B527-401D-8AE6-B85D79ABD855}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{6B627AAF-F275-4E79-93B8-147FE8D08E00}" = protocol=17 | dir=in | app=d:\programme\microsoft games\flight simulator 9\fs9.exe |
"{73682283-B557-4F3C-A4C1-B3D6D22C25E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75EADD8D-3921-4FC3-A894-422F45E4FB11}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{796A4E36-DDDC-4861-92F8-C0301100416E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7A80B152-F85F-455A-ACC7-D5DD243E4538}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{816807C1-F22D-4E13-B594-37674A50F078}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8670901B-EB5C-4DD2-9315-1C697C019B05}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8FFDC46B-1F3E-472B-883E-F479D8B7188D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{9083DC63-459F-44D6-8F89-66FB2E957A8C}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{97E69320-849E-4BCB-B132-C247AB2A1078}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ABB6B26B-4587-4C16-8A10-86AFEBE8E53B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B1D40D05-B6DF-44F4-B42C-711386B0EB75}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B7766375-48BB-49D0-AD4C-0AAB3141491D}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{BCC7600D-BB0F-4E6D-8664-9080CA82D4BA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BEB7E314-3C10-4AB5-B8DA-721C79564E7F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BEF73FC1-E40C-4B87-9C42-03AB8FBDA3C3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C81077D2-5861-417B-806F-352D4C57AD27}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CDE839FC-FFCD-4EBE-B1DF-5054E82D25FF}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{CE8FF971-03F9-4F5E-A141-2566AC7A36B1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D02FC892-676C-4E41-889F-3CBE11CDDE29}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E4BEDD6C-DF3F-4385-8CE2-1A8244C338C9}" = protocol=6 | dir=in | app=d:\programme\microsoft games\flight simulator 9\fs9.exe |
"TCP Query User{23FB9252-517D-4F45-97B2-E78495694D60}D:\programme\microsoft games\flight simulator 9\fs9.exe" = protocol=6 | dir=in | app=d:\programme\microsoft games\flight simulator 9\fs9.exe |
"TCP Query User{2A78273D-AAA9-4E8D-AF74-873617E6D9DC}D:\program files\ws_ftp\ws_ftp95.exe" = protocol=6 | dir=in | app=d:\program files\ws_ftp\ws_ftp95.exe |
"UDP Query User{1039C6B5-9396-4FC9-B477-B8078E3F840E}D:\program files\ws_ftp\ws_ftp95.exe" = protocol=17 | dir=in | app=d:\program files\ws_ftp\ws_ftp95.exe |
"UDP Query User{D142E5CF-6801-4D60-A35D-F6CCBEC9DBA8}D:\programme\microsoft games\flight simulator 9\fs9.exe" = protocol=17 | dir=in | app=d:\programme\microsoft games\flight simulator 9\fs9.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809" = CanoScan LiDE 210 Scanner Driver
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{5EDDD103-CF66-40DF-A0B9-DECDC0F017D5}" = MAGIX Video deluxe 2013
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{A3A1D6DC-7CB4-4894-8E54-3A48493EF488}" = MAGIX Speed burnR (MSI)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 304.87
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0613
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"VLC media player" = VLC media player 2.0.5
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055983A1-A1BD-46B1-9C5D-BDB624A54E06}" = Mailsoft's - Fly the Tiger
"{08260043-A46C-407D-BADD-610ED5E05661}" = FS Design Studio V3.5.1
"{12BE408B-65A7-4A5E-90BC-28965F7F08C9}" = Flight Simulator 2004 BGLComp SDK
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3C5EA394-1031-11D2-A2CB-00C04F72F31D}" = Microsoft PhotoDraw 2000 V2
"{3FF8E8A7-5BA8-4D9E-B976-B05B2B00B0AE}" = Microsoft Expression Web 4
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"{538E95B8-3808-4BCF-86E2-44D06E099834}" = FS Design Studio V2
"{5F9EEE99-15FE-4AC4-B400-6C6568E87557}" = FS Design Studio V3
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D606567-5047-451A-B49E-29FCB6012B4E}" = Microsoft Flight Simulator X: Acceleration
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.1208.1
"{8F1F0AEC-8646-4F62-9386-83705EECDC03}" = ALS-SIM Mirage for FSX
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{91309FCB-3520-4579-9BD8-6B8BF39C773A}_is1" = VRS F/A-18E Superbug
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F30A684-44DC-4BDF-89ED-70F9021B851F}" = REX Essential Plus Overdrive
"{9FCDA3BF-A003-41E0-A75A-8C5590829A55}" = Brother HL-3070CW
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{BD5AA756-2E57-4AE2-BAB2-3A54DA1C50F4}" = TubeBox
"{bfc92a01-1ae1-4375-befa-7e090bff5f6a}" = TubeBox
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EFFCACBE-98CF-4AAC-8CC9-85EA6D7BF78C}" = Mailsoft's - Fly the Tiger X
"{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"Active Camera 2004 patch for FS 9.1" = Active Camera 2004 patch for FS 9.1
"Active Camera 2004 version 2.0" = Active Camera 2004 version 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ATC Radar" = ATC Radar
"AudioCS" = Creative Audio Control Panel
"BG9_is1" = Ben Gurion Airport for FS2004
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt
"FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}" = Microsoft Flight Simulator X: Acceleration
"Free Studio_is1" = Free Studio version 2013
"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 5.0.22.128
"FSDyn!" = FSDyn!
"Google Chrome" = Google Chrome
"IBNetPlayer" = IBNetPlayer
"InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"instant scenery2" = Instant Scenery
"IrfanView" = IrfanView (remove only)
"MAGIX_{5EDDD103-CF66-40DF-A0B9-DECDC0F017D5}" = MAGIX Video deluxe 2013
"MAGIX_{A3A1D6DC-7CB4-4894-8E54-3A48493EF488}" = MAGIX Speed burnR (MSI)
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Radar v2.0 for FS2004" = Radar v2.0 for FS2004
"Radar v2.0 for FSX" = Radar v2.0 for FSX
"RAZBAM - SkyHawk's FS2004 Vol4" = RAZBAM - SkyHawk's FS2004 Vol4
"RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}" = Flight Simulator X
"SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}" = Flight Simulator X Service Pack 1
"Stellar Phoenix Windows Data Recovery - Professional_is1" = Stellar Phoenix Windows Data Recovery - Professional
"Web_4.0.1460.0" = Microsoft Expression Web 4
"XnView_is1" = XnView 1.91.1
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1608641657-4023151620-1790342431-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FSDSxTweak suite v2.6" = FSDSxTweak suite v2.6
"Israeli Landclass X v1.06" = Israeli Landclass X v1.06
"Mirage IIIB" = Mirage IIIB
"Mirage IIIRS" = Mirage IIIRS
"Mirage IIIS" = Mirage IIIS
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.04.2013 14:08:38 | Computer Name = Isra | Source = Windows Search Service | ID = 7040
Description =
Error - 02.04.2013 14:08:38 | Computer Name = Isra | Source = Windows Search Service | ID = 7042
Description =
Error - 02.04.2013 14:08:38 | Computer Name = Isra | Source = Windows Search Service | ID = 9002
Description =
Error - 02.04.2013 14:08:38 | Computer Name = Isra | Source = Windows Search Service | ID = 3029
Description =
Error - 02.04.2013 14:08:41 | Computer Name = Isra | Source = Windows Search Service | ID = 3029
Description =
Error - 02.04.2013 14:08:41 | Computer Name = Isra | Source = Windows Search Service | ID = 3028
Description =
Error - 02.04.2013 14:08:41 | Computer Name = Isra | Source = Windows Search Service | ID = 3058
Description =
Error - 02.04.2013 14:08:41 | Computer Name = Isra | Source = Windows Search Service | ID = 7010
Description =
Error - 02.04.2013 14:10:04 | Computer Name = Isra | Source = WinMgmt | ID = 10
Description =
Error - 03.04.2013 02:55:59 | Computer Name = Isra | Source = WinMgmt | ID = 10
Description =
Error encountered while reading event logs.
< End of report >
|
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
aswMBR.exe und speichere die Datei auf deinem Desktop.
SecurityCheck und:
Textbox.
WARNUNG an die MITLESER: 
