WOW... Danke für die schnelle Antwort !
Hier die Malewarebytes Logs: Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5766
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18999
15.02.2011 15:22:47
mbam-log-2011-02-15 (15-22-47).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 175204
Laufzeit: 4 Minute(n), 2 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
c:\Users\Jenny\AppData\Local\Temp\comminfo.dll (Trojan.TemPW.Gen) -> Delete on reboot.
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\comminfo.dll (Trojan.TemPW.Gen) -> Value: comminfo.dll -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\comminfo.dll_xserve (Trojan.TemPW.Gen) -> Value: comminfo.dll_xserve -> Delete on reboot.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\Users\Jenny\AppData\Local\Temp\comminfo.dll (Trojan.TemPW.Gen) -> Quarantined and deleted successfully.
Und der zweite: Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5766
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18999
15.02.2011 15:36:59
mbam-log-2011-02-15 (15-36-59).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 175358
Laufzeit: 4 Minute(n), 27 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
c:\Users\Jenny\AppData\Local\Temp\comminfo.dll (Trojan.TemPW.Gen) -> Not selected for removal.
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\comminfo.dll (Trojan.TemPW.Gen) -> Value: comminfo.dll -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\comminfo.dll_xserve (Trojan.TemPW.Gen) -> Value: comminfo.dll_xserve -> Not selected for removal.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\Users\Jenny\AppData\Local\Temp\comminfo.dll (Trojan.TemPW.Gen) -> Not selected for removal.
Und jetzt noch die OTL sachen:
OTL.txt : Code:
OTL logfile created on: 15.02.2011 16:36:27 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Jenny\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144,04 Gb Total Space | 34,96 Gb Free Space | 24,27% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 88,88 Gb Free Space | 61,71% Space Free | Partition Type: NTFS
Drive E: | 4,60 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: JENNY-PC | User Name: Jenny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Jenny\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Jenny\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
========== Modules (SafeList) ==========
MOD - C:\Users\Jenny\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll (Check Point Software Technologies)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wintrust.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\imagehlp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\crtdll.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (vsmon) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys ()
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys ()
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\DRIVERS\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\DRIVERS\lirsgt.sys ()
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\DRIVERS\vsdatant.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\DRIVERS\athrx.sys ()
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys ()
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011.02.15 04:52:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.11 14:38:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.01.11 14:38:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.01.11 14:38:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2010.03.04 15:06:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\mozilla\Extensions
[2010.03.04 15:06:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.02.15 04:59:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\znl714wi.default\extensions
[2010.02.27 08:50:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\znl714wi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.20 19:39:57 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\znl714wi.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010.10.15 09:58:56 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\znl714wi.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.04.05 01:32:50 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\znl714wi.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010.01.20 12:14:16 | 000,000,917 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\znl714wi.default\searchplugins\conduit.xml
[2010.07.17 02:16:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.07.17 02:16:08 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.06.12 23:33:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.02.15 04:52:10 | 000,000,000 | ---D | M] (ZoneAlarm Security Engine) -- C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\WOW64\TRUSTCHECKER
[2010.06.12 23:33:08 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009.10.23 14:01:34 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files (x86)\mozilla firefox\plugins\npzylomgamesplayer.dll
[2010.01.16 02:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 02:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.16 02:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.16 02:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.16 02:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - File not found
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [WPCUMI] C:\Windows\SysNative\WpcUmi.exe ()
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000..\Run: [comminfo.dll] C:\Users\Jenny\AppData\Local\Temp\comminfo.dll ()
O4 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000..\Run: [comminfo.dll_xserve] C:\Users\Jenny\AppData\Local\Temp\comminfo.dll ()
O4 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000..\Run: [EA Core] File not found
O4 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000..\Run: [imapispl.dll] C:\Windows\SysWOW64\imapispl.dll ()
O4 - Startup: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jenny\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jenny\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\SysNative\wpclsp.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1048853084-1438700988-2564156336-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~2\Google\GOOGLE~1\GOEC62~1.DLL (Google)
O20 - AppInit_DLLs: (comminfo.dll) - C:\Windows\SysWow64\comminfo.dll ()
O20 - AppInit_DLLs: (imapispl.dll) - C:\Windows\SysWow64\imapispl.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.04.20 21:37:17 | 000,054,544 | R--- | M] (Electronic Arts) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2010.03.27 05:03:00 | 000,000,049 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{d3d503e9-0f4c-11df-bd79-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d3d503e9-0f4c-11df-bd79-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2010.04.20 21:37:17 | 000,054,544 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vsmon - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {9AB7AB87-B968-4CDD-CE63-C3EED51973AA} -
ActiveX:64bit: {AB8AC77C-A00B-8AF6-0AAC-C21E018B4308} - Browser Customizations
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.02.15 06:56:29 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Roaming\Malwarebytes
[2011.02.15 06:56:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.02.15 06:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.15 06:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.15 06:56:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.02.15 05:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrendMicro
[2011.02.15 05:35:15 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011.02.15 04:52:18 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Documents\ForceField Shared Files
[2011.02.15 04:52:13 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Roaming\CheckPoint
[2011.02.15 04:51:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZoneAlarm-Sicherheit
[2011.02.15 04:49:32 | 000,000,000 | ---D | C] -- C:\Programme\CheckPoint
[2011.02.15 04:49:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
[2011.02.15 04:49:25 | 000,046,592 | ---- | C] (Zone Labs Inc.) -- C:\Windows\SysWow64\vsutil_loc0407.dll
[2011.02.15 04:49:22 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsregexp.dll
[2011.02.15 04:48:20 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcommdb.dll
[2011.02.15 04:48:20 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcomm.dll
[2011.02.15 04:48:13 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vswmi.dll
[2011.02.15 04:48:10 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zpeng25.dll
[2011.02.15 04:48:10 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vspubapi.dll
[2011.02.15 04:48:10 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsxml.dll
[2011.02.15 04:48:10 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsmonapi.dll
[2011.02.15 04:48:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZoneLabs
[2011.02.15 04:48:09 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsdata.dll
[2011.02.15 04:47:26 | 000,713,728 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsutil.dll
[2011.02.15 04:47:26 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsinit.dll
[2011.02.15 04:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zone Labs
[2011.02.15 04:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2011.02.15 04:44:47 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2011.02.15 02:15:54 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Roaming\Avira
[2011.02.15 02:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.02.15 02:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.02.14 23:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2011.02.14 02:58:08 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Downloads\Desktop\Schicke Bank 3363
[2011.02.14 02:57:34 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Downloads\Desktop\sims 3
[2011.02.13 19:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2011
[2011.02.13 19:21:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Landwirtschafts Simulator 2011
[2011.02.12 16:08:09 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\GIANTS Editor 4.1.7
[2011.02.12 15:27:12 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Downloads\Desktop\Dreiseitenhof
[2011.02.12 14:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIANTS Software
[2011.02.12 14:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIANTS Software
[2011.02.12 01:50:04 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Downloads\Desktop\Neuer Ordner (5)
[2011.02.12 01:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2011.02.12 01:44:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip
[2011.02.11 09:06:29 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Downloads\Desktop\Neuer Ordner (4)
[2011.02.10 23:27:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine
[2011.02.10 22:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2011.02.10 22:35:17 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\eMule
[2011.02.10 22:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule
[2011.02.10 22:35:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eMule
[2011.02.10 22:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enlight
[2011.02.10 22:07:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enlight
[2011.02.10 21:47:32 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2011.02.10 21:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2011 Demo
[2011.02.10 21:45:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Landwirtschafts Simulator 2011 Demo
[2011.02.08 14:28:10 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Roaming\click
[2011.01.18 19:16:30 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Roaming\xcharlive.1655C4F6526B808855D0A24D09D32A2277FBA03C.1
[2011.01.18 19:14:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xchar Live
[2011.01.18 19:14:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.02.15 16:24:01 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1048853084-1438700988-2564156336-1000UA.job
[2011.02.15 16:09:14 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.15 16:09:14 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.15 15:32:12 | 001,418,806 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.02.15 15:32:12 | 000,618,442 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.02.15 15:32:12 | 000,587,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.15 15:32:12 | 000,122,842 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.02.15 15:32:12 | 000,101,250 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.15 15:24:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.15 11:24:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1048853084-1438700988-2564156336-1000Core.job
[2011.02.15 06:56:23 | 000,000,952 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.15 06:30:55 | 000,002,559 | ---- | M] () -- C:\Users\Jenny\Downloads\Desktop\HiJackThis.lnk
[2011.02.15 04:52:37 | 000,420,800 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2011.02.15 04:49:26 | 000,005,977 | ---- | M] () -- C:\Windows\SysWow64\vsconfig.xml
[2011.02.15 02:11:43 | 000,001,905 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.02.15 02:00:34 | 049,849,560 | ---- | M] () -- C:\Users\Jenny\Downloads\Desktop\avira_antivir_personal611_de.exe
[2011.02.14 23:42:08 | 000,002,139 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Erstelle eine Welt-Tool - Beta.lnk
[2011.02.13 19:23:38 | 000,001,132 | ---- | M] () -- C:\Users\Jenny\Downloads\Desktop\Landwirtschafts Simulator 2011 .lnk
[2011.02.13 17:49:41 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011.02.13 06:10:53 | 132,608,685 | ---- | M] () -- C:\Users\Jenny\Downloads\Desktop\TheLostFarm.zip
[2011.02.13 02:13:00 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2011.02.12 01:49:07 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2011.02.12 01:49:07 | 000,001,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2011.02.10 23:34:25 | 000,001,024 | ---- | M] () -- C:\Users\Jenny\Downloads\Desktop\zt - Verknüpfung.lnk
[2011.02.10 23:00:06 | 000,489,472 | -HS- | M] () -- C:\Windows\SysWow64\comminfo.dll
[2011.02.10 22:57:44 | 000,072,192 | -HS- | M] () -- C:\Windows\SysWow64\imapispl.dll
[2011.02.10 22:36:40 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\eMule.lnk
[2011.02.10 22:10:18 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Restaurant Empire.lnk
[2011.02.10 21:46:58 | 000,001,177 | ---- | M] () -- C:\Users\Jenny\Downloads\Desktop\Landwirtschafts Simulator 2011 Demo.lnk
[2011.02.09 00:25:04 | 000,137,916 | ---- | M] () -- C:\Users\Jenny\Downloads\Desktop\RD_EST_Verbandsinfo über kurzz. Vorhaltererh_2010719 V II.pdf
[2011.02.08 19:01:23 | 000,103,424 | ---- | M] () -- C:\Users\Jenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.29 19:37:08 | 000,415,431 | ---- | M] () -- C:\Users\Jenny\Downloads\Desktop\zzzzzzzzzz_TerrainOverlayUpdate (1).z2f
[2011.01.29 13:33:56 | 002,873,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.01.29 06:51:33 | 000,001,355 | ---- | M] () -- C:\Users\Jenny\Downloads\Desktop\Dokument.rtf
[2011.01.29 06:49:14 | 000,041,538 | ---- | M] () -- C:\Users\Jenny\.recently-used.xbel
[2011.01.23 16:50:02 | 000,003,020 | ---- | M] () -- C:\Users\Jenny\Downloads\Desktop\gooooooooooooil.rtf
[2011.01.18 19:14:54 | 000,000,806 | ---- | M] () -- C:\Users\Jenny\Downloads\Desktop\Xchar Live.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.02.15 06:56:23 | 000,000,952 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.15 06:56:19 | 000,024,152 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2011.02.15 05:35:15 | 000,002,559 | ---- | C] () -- C:\Users\Jenny\Downloads\Desktop\HiJackThis.lnk
[2011.02.15 04:49:26 | 000,005,977 | ---- | C] () -- C:\Windows\SysWow64\vsconfig.xml
[2011.02.15 04:48:09 | 000,420,800 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2011.02.15 04:45:09 | 000,453,720 | ---- | C] () -- C:\Windows\SysNative\drivers\vsdatant.sys
[2011.02.15 02:11:43 | 000,001,905 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.02.15 02:11:34 | 000,116,568 | ---- | C] () -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.02.15 02:11:34 | 000,083,120 | ---- | C] () -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.02.15 01:38:46 | 049,849,560 | ---- | C] () -- C:\Users\Jenny\Downloads\Desktop\avira_antivir_personal611_de.exe
[2011.02.14 23:42:08 | 000,002,139 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Erstelle eine Welt-Tool - Beta.lnk
[2011.02.13 19:23:38 | 000,001,132 | ---- | C] () -- C:\Users\Jenny\Downloads\Desktop\Landwirtschafts Simulator 2011 .lnk
[2011.02.13 04:55:27 | 132,608,685 | ---- | C] () -- C:\Users\Jenny\Downloads\Desktop\TheLostFarm.zip
[2011.02.12 01:49:07 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2011.02.12 01:49:07 | 000,001,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2011.02.10 23:34:25 | 000,001,024 | ---- | C] () -- C:\Users\Jenny\Downloads\Desktop\zt - Verknüpfung.lnk
[2011.02.10 23:00:06 | 000,489,472 | -HS- | C] () -- C:\Windows\SysWow64\comminfo.dll
[2011.02.10 22:57:44 | 000,072,192 | -HS- | C] () -- C:\Windows\SysWow64\imapispl.dll
[2011.02.10 22:36:40 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\eMule.lnk
[2011.02.10 22:10:18 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Restaurant Empire.lnk
[2011.02.10 21:46:58 | 000,001,177 | ---- | C] () -- C:\Users\Jenny\Downloads\Desktop\Landwirtschafts Simulator 2011 Demo.lnk
[2011.02.09 00:25:04 | 000,137,916 | ---- | C] () -- C:\Users\Jenny\Downloads\Desktop\RD_EST_Verbandsinfo über kurzz. Vorhaltererh_2010719 V II.pdf
[2011.01.29 19:36:59 | 000,415,431 | ---- | C] () -- C:\Users\Jenny\Downloads\Desktop\zzzzzzzzzz_TerrainOverlayUpdate (1).z2f
[2011.01.29 06:51:33 | 000,001,355 | ---- | C] () -- C:\Users\Jenny\Downloads\Desktop\Dokument.rtf
[2011.01.29 06:49:14 | 000,041,538 | ---- | C] () -- C:\Users\Jenny\.recently-used.xbel
[2011.01.23 03:47:20 | 000,003,020 | ---- | C] () -- C:\Users\Jenny\Downloads\Desktop\gooooooooooooil.rtf
[2011.01.18 19:14:54 | 000,000,818 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xchar Live.lnk
[2011.01.18 19:14:54 | 000,000,806 | ---- | C] () -- C:\Users\Jenny\Downloads\Desktop\Xchar Live.lnk
[2011.01.03 00:59:00 | 000,024,226 | ---- | C] () -- C:\Users\Jenny\AppData\Roaming\UserTile.png
[2010.10.14 22:23:34 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.06.04 12:16:30 | 000,000,355 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.05.28 01:09:00 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.05.26 23:11:14 | 000,402,680 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_vcredistMSI4F46.txt
[2010.05.26 23:11:14 | 000,011,402 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_vcredistUI4F46.txt
[2010.05.20 09:23:15 | 000,424,158 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_vcredistMSI00C3.txt
[2010.05.20 09:23:15 | 000,011,694 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_vcredistUI00C3.txt
[2010.02.07 16:15:03 | 000,810,740 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_NET_Framework35_LangPack_MSI1A60.txt
[2010.02.07 15:58:15 | 000,097,274 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_dotnetfx35install_lp.txt
[2010.02.07 15:58:15 | 000,000,002 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_dotnetfx35error_lp.txt
[2010.02.07 15:56:04 | 002,484,952 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_NET_Framework35_x64_MSI0BD9.txt
[2010.02.03 14:19:03 | 000,103,424 | ---- | C] () -- C:\Users\Jenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.01 17:24:59 | 000,631,219 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2010.02.01 17:24:55 | 000,670,402 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_dotnetfx35install.txt
[2010.02.01 17:24:55 | 000,012,100 | ---- | C] () -- C:\Users\Jenny\AppData\Local\uxeventlog.txt
[2010.02.01 17:24:55 | 000,001,966 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_dotnetfx35error.txt
[2010.02.01 17:03:38 | 000,420,964 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_vcredistMSI6AC0.txt
[2010.02.01 17:03:37 | 000,012,222 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_vcredistUI6AC0.txt
[2010.02.01 16:30:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.02.01 15:46:54 | 000,417,922 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_vcredistMSI3005.txt
[2010.02.01 15:46:53 | 000,011,462 | ---- | C] () -- C:\Users\Jenny\AppData\Local\dd_vcredistUI3005.txt
[2010.01.31 23:16:12 | 000,001,356 | ---- | C] () -- C:\Users\Jenny\AppData\Local\d3d9caps.dat
[2010.01.31 23:16:10 | 000,000,552 | ---- | C] () -- C:\Users\Jenny\AppData\Local\d3d8caps.dat
[2010.01.31 22:35:11 | 001,106,332 | ---- | C] () -- C:\Programme\xp3264-7.7.0.329-whql.zip
[2010.01.31 21:52:12 | 000,001,460 | ---- | C] () -- C:\Users\Jenny\AppData\Local\d3d9caps64.dat
[2008.12.11 11:27:24 | 000,119,093 | ---- | C] () -- C:\Users\Jenny\AppData\Roaming\com.kennettnet.MusicRescue4.Profiles.plist
[2008.12.11 10:53:20 | 001,023,748 | ---- | C] () -- C:\Users\Jenny\AppData\Roaming\com.kennettnet.MusicRescue4.plist
[2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 03:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ==========
[2011.02.13 17:52:59 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Azureus
[2010.09.08 03:04:14 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\cbuenger
[2011.02.15 04:52:13 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\CheckPoint
[2011.02.08 14:28:10 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\click
[2010.10.15 09:58:55 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.05.18 13:52:09 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Facebook
[2011.01.29 06:49:14 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\gtk-2.0
[2010.09.15 13:35:50 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\ICQ
[2010.09.27 12:16:09 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Notepad++
[2010.05.26 23:14:11 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\OpenOffice.org
[2010.07.20 22:13:45 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Opera
[2011.01.03 00:59:00 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\PeerNetworking
[2010.04.11 03:59:40 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\SchnellSchreiben
[2010.02.08 23:37:41 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Shareaza
[2010.03.04 15:06:23 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Thunderbird
[2010.02.01 18:44:47 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\TS3Client
[2010.02.27 09:32:55 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Wildlife Park 2 - Abenteuer auf der Ranch
[2010.03.01 09:45:38 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Wildlife Park 2 - Crazy Zoo
[2010.02.27 09:29:03 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Wildlife Park 2 - Marine World
[2011.01.18 19:16:30 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\xcharlive.1655C4F6526B808855D0A24D09D32A2277FBA03C.1
[2011.02.13 02:13:00 | 000,000,366 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2011.02.15 15:23:07 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.05.25 17:19:19 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Adobe
[2010.04.17 14:07:43 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Apple Computer
[2011.02.15 02:15:54 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Avira
[2011.02.13 17:52:59 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Azureus
[2010.09.08 03:04:14 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\cbuenger
[2011.02.15 04:52:13 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\CheckPoint
[2011.02.08 14:28:10 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\click
[2010.10.13 16:16:14 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\dvdcss
[2010.10.15 09:58:55 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.05.18 13:52:09 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Facebook
[2011.01.29 06:49:14 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\gtk-2.0
[2010.09.15 13:35:50 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\ICQ
[2010.01.31 21:52:25 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Identities
[2010.01.31 23:59:44 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Macromedia
[2011.02.15 06:56:29 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Malwarebytes
[2006.11.02 16:07:25 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Media Center Programs
[2010.09.04 00:51:04 | 000,000,000 | --SD | M] -- C:\Users\Jenny\AppData\Roaming\Microsoft
[2010.03.02 13:16:23 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Microsoft Games
[2010.01.31 23:01:54 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Mozilla
[2010.09.27 12:16:09 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Notepad++
[2010.05.26 23:14:11 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\OpenOffice.org
[2010.07.20 22:13:45 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Opera
[2011.01.03 00:59:00 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\PeerNetworking
[2010.04.11 03:59:40 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\SchnellSchreiben
[2010.02.08 23:37:41 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Shareaza
[2011.01.29 17:44:24 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Skype
[2011.01.29 17:44:24 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\skypePM
[2010.03.04 15:06:23 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Thunderbird
[2010.02.01 18:44:47 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\TS3Client
[2011.02.13 05:35:15 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\vlc
[2010.02.27 09:32:55 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Wildlife Park 2 - Abenteuer auf der Ranch
[2010.03.01 09:45:38 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Wildlife Park 2 - Crazy Zoo
[2010.02.27 09:29:03 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Wildlife Park 2 - Marine World
[2011.01.18 19:16:30 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\xcharlive.1655C4F6526B808855D0A24D09D32A2277FBA03C.1
[2010.06.02 14:34:56 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Xfire
< %APPDATA%\*.exe /s >
[2011.02.10 23:24:01 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\Jenny\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2010.05.18 13:52:09 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Jenny\AppData\Roaming\Facebook\uninstall.exe
[2011.01.18 19:14:03 | 000,038,784 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.15 05:35:17 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Jenny\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
[2010.06.16 14:05:52 | 000,010,134 | R--- | M] () -- C:\Users\Jenny\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.21 03:46:51 | 000,064,568 | ---- | M] () MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.01.21 03:46:50 | 000,022,584 | ---- | M] () MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\SysNative\drivers\atapi.sys
[2008.01.21 03:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] () MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\SysWOW64\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008.10.29 07:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2008.10.28 03:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008.10.29 07:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\explorer.exe
[2008.10.29 07:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2008.10.30 06:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008.01.21 03:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008.01.21 03:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
< MD5 for: IASTORV.SYS >
[2008.01.21 03:46:59 | 000,290,872 | ---- | M] () MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2008.01.21 03:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2008.01.21 03:51:03 | 000,716,800 | ---- | M] () MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\SysNative\netlogon.dll
[2008.01.21 03:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2008.01.21 03:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SysWOW64\netlogon.dll
[2008.01.21 03:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2008.01.21 03:46:54 | 000,054,328 | ---- | M] () MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys
[2008.01.21 03:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
< MD5 for: NVSTOR32.SYS >
[2008.08.19 03:58:42 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=2A0CC26D67B38460CC7563BC8313C1D6 -- C:\ACER\Preload\Autorun\DRV\nVidia Chipset MCP79\IDE\WinVista\sataraid\nvstor32.sys
[2008.08.19 03:58:16 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=8EE374B6FB3CB2BB8D70395218B464A5 -- C:\ACER\Preload\Autorun\DRV\nVidia Chipset MCP79\IDE\WinVista\sata_ide\nvstor32.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 03:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SysWOW64\scecli.dll
[2008.01.21 03:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 03:49:49 | 000,235,520 | ---- | M] () MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\SysNative\scecli.dll
[2008.01.21 03:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
< MD5 for: USER32.DLL >
[2008.01.21 03:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\SysWOW64\user32.dll
[2008.01.21 03:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll
[2008.01.21 03:48:29 | 000,820,224 | ---- | M] () Unable to obtain MD5 -- C:\Windows\SysNative\user32.dll
[2008.01.21 03:48:29 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 03:49:46 | 000,028,160 | ---- | M] () MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.01.21 03:49:47 | 000,406,016 | ---- | M] () MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\SysNative\winlogon.exe
[2008.01.21 03:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2008.01.21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SysWOW64\winlogon.exe
[2008.01.21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 03:49:42 | 000,020,992 | ---- | M] () MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2008.01.21 03:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2011.02.10 22:57:44 | 000,072,192 | -HS- | M] () Unable to obtain MD5 -- C:\Windows\SysWOW64\imapispl.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 16 bytes -> C:\Users\Jenny\Downloads:Shareaza.GUID
< End of report >
Extras.txt: Code:
OTL Extras logfile created on: 15.02.2011 16:36:27 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Jenny\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144,04 Gb Total Space | 34,96 Gb Free Space | 24,27% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 88,88 Gb Free Space | 61,71% Space Free | Partition Type: NTFS
Drive E: | 4,60 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: JENNY-PC | User Name: Jenny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe ()
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1048853084-1438700988-2564156336-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Jenny\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l ()
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D9E3EF1-B710-47B1-85F4-9342B016EE22}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2FFC954A-E747-498E-8D9B-C65EAD7A2669}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4486D6C4-08C0-47F4-9C48-2D3699F3CE24}" = rport=139 | protocol=6 | dir=out | app=system |
"{5C9921A4-0AAA-41B1-84CC-ECAF7196FB0B}" = rport=445 | protocol=6 | dir=out | app=system |
"{5F179EF4-09A8-4031-8564-58D3A08A736D}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{63360094-50B5-4900-A261-53C35A1DC708}" = lport=139 | protocol=6 | dir=in | app=system |
"{705C13A6-BA84-4423-8B3B-E998D55E89C9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{73B5A5B8-14F2-4CE2-B88D-9DDD7744F5BF}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7B3C5F7E-CD82-41DE-8794-EA6D3B3A5F5B}" = lport=445 | protocol=6 | dir=in | app=system |
"{7E7C131B-7C84-4A91-AB09-2AEA207EB60F}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{85F7A402-913B-49AD-AD8C-829E860F8F36}" = rport=137 | protocol=17 | dir=out | app=system |
"{8B28533C-33DD-4044-9205-C0DD2D3B454A}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{90E5B748-B9B8-43BA-97AA-FA0150A0976F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9A14A8E3-A510-4515-A553-ACC4A7C9FA73}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9AC5AAB7-EB94-4239-8D75-1B932BE81C03}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AC35521A-1632-40BA-88D7-E6AB7754711A}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B38E3E1A-2F96-4E30-9A34-335505AE1853}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{B9DCE538-2DDD-41D2-B82D-7460D33255B2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE0760EB-8275-487F-A62F-502A86F0E98E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D14E591A-0751-45E3-AE1F-1E65E0C66F32}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D5D75441-B4DB-47F5-8473-ACFB065E8361}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{DABB67D5-4AC0-43EC-A31E-D9B5753B04A5}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DC3F9E8C-32E9-48F8-942C-134ABEC3006E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E1D57087-A964-497E-89EF-973F7B7308A9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED63B38D-C228-4BE8-B272-095A7BB79CE3}" = lport=138 | protocol=17 | dir=in | app=system |
"{EF665286-93AA-4062-8A70-CD4B35575178}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{EFE33D56-28C6-4006-AE3B-9E32010323AC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F1BEF5C7-CF0E-425B-88E4-8CE111874324}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6E0FB1B-A934-4FB3-A2FF-BD83B7C2AD1F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F9469308-6BCE-4C47-9873-A99C7C52CA8D}" = lport=137 | protocol=17 | dir=in | app=system |
"{FD53D5C0-F461-4D37-BB74-550D1E373CC6}" = rport=138 | protocol=17 | dir=out | app=system |
"{FE04EA09-37A6-4982-B758-784228C0E458}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02A81043-7796-41E3-BC3C-49B1C3B236EC}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0B8CA0A9-AF2F-4C29-AC17-EA29AC326E96}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{11D12195-8A89-4D7B-BE1E-DD0B343942E7}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{17951A3D-891C-4AE5-965D-CF0C2E4CCE1C}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{1C99CC90-B23D-4D01-832D-1418B5C9ED0A}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{1E272962-E9DE-4EB6-98D6-DEB38565C44C}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{23CA455D-8FF2-4871-88E8-9D7F162CF43E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{25523BD5-2BD7-4BE6-951E-90039650A4DB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2EF7DEF0-95F8-475B-B27D-F0FA9C405261}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{32852F5D-DE31-468C-BE48-0A678B9BB093}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{33B3A4CF-1E8A-4945-B063-D5C7FC48AEA1}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{3A628128-3359-4490-AFDC-DF07C7E39EFF}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{3A7D84CF-D147-4709-BA00-91B080A154BD}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011 demo\game.exe |
"{3ADEAD8F-FBE4-4BC1-8DDF-3127A616602E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3D3FF7D2-39AF-4EC4-884A-1F708BC43584}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4173FE29-A87E-4003-A4D6-10555B4BD65E}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011\game.exe |
"{4454D8F6-9CD3-4C39-A56A-AD07E121A845}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011\game.exe |
"{4DA1B8B2-0F14-451E-9582-861E0D437374}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{4F58AF55-590B-4943-B060-EE284AF4FBA3}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{4FCE6D0D-0E9D-4F5C-9F89-6728B8B6F2AF}" = protocol=17 | dir=in | app=c:\program files (x86)\curse\curseclient.exe |
"{549C980C-4DCE-4C0B-A477-5A41995C8FF0}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{58DA634E-D431-4CFC-9B6F-5541813CFB52}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011 demo\farmingsimulator2011.exe |
"{678A4FC3-0E3E-4906-AF76-14DD8246C03A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6A7DFC96-A164-4368-9635-D8E559445048}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{7047F758-D08C-4788-8E38-030D14C4CAD6}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{71745BB1-D72E-41EC-9326-BEBF0DAE8B19}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{7543FBC7-4866-48F0-B1DD-2E77F4A2D5E6}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{7ADD9701-67E2-43CA-BBC3-74D0C5F201D3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{83400D6D-F526-47E1-92F7-D362BE9B10EC}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011 demo\game.exe |
"{8671DA6B-B3E8-4B23-B968-1C7ED2FD0FAF}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{8AE1480F-5D28-4F87-AE56-2881001D9742}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{8CCC2A1C-C48A-4595-A5D9-C82A1B9A26FD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{936C00B4-D245-4D6C-85B8-6BFD6F28D1F1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9A0A95FC-3C9E-40C7-B8E8-C0944122ECC2}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{9A22B75F-326D-4B83-B1D9-3B860A254033}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A0B38BAE-3F47-4DA7-8C15-B9AB65B15F40}" = protocol=6 | dir=in | app=c:\program files (x86)\curse\curseclient.exe |
"{A2C1572A-544D-448C-A044-C0AD4EAE1E32}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{A3BB45CB-3D51-43EA-8C49-F8871D7356E8}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{A4AAEB30-AB6C-4725-9B12-32EE0BADE032}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{A5F67407-81F0-41D4-967E-09C49A6CD353}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B9EE1C75-3082-4C70-8AC9-EBFF3A5DE8E6}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{BBB13935-F617-42BD-A655-0B5D505F0DE2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{C4C05AF2-D2A2-4FFD-926F-B6852A17D540}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C9962595-2BD4-4E0A-909A-1BFB600E2E36}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CBEFEBC9-A953-4C86-A0FF-8449C080ECB8}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D1A71CC6-734A-4CB0-8A7B-C59EA8CDC48E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E78FDB5D-7AC0-48D0-A5A2-39403048FD59}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{E7FE9AE1-6EE2-4AAD-BC75-DE24FAC05FDC}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{E894F62D-788F-4137-B4F3-811645031522}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{E895698F-FE96-4AC7-9473-75456B1DCEF3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E916F540-479A-4952-A241-8F4C03CC6C1B}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{E9FCC38D-84BE-42AC-97EE-A48390720616}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EC89B534-483D-47CF-AE50-0297DA12EA57}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{F72EFB69-68D9-4289-89F4-4BF5C6A635D6}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011 demo\farmingsimulator2011.exe |
"{FABE791F-89FE-4AA4-A91E-121E04348BFE}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"TCP Query User{05D8C4A8-0356-46FE-B19F-E97561EE2624}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{0613C043-C688-4632-BFEA-ADF8086102E5}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{0B529590-B06A-421B-B4E4-AAA84F104567}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe |
"TCP Query User{14677945-8DD0-4E6A-B79C-FCFE02B01A95}C:\program files (x86)\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\blizzard downloader.exe |
"TCP Query User{160380B5-24FE-4AB3-A62A-F6ACD420BA60}D:\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe |
"TCP Query User{1EA4E6DA-8FD0-4D43-B572-DF4E1EF78872}C:\program files (x86)\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe |
"TCP Query User{3BE7CA22-74E8-44D5-B992-523521625A97}C:\program files (x86)\shareaza\shareaza.exe" = protocol=6 | dir=in | app=c:\program files (x86)\shareaza\shareaza.exe |
"TCP Query User{3D9DA8D3-04D1-4C4B-BB03-1C6ECAADBDA8}D:\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\blizzard downloader.exe |
"TCP Query User{4047EC8C-7D77-45D1-AAD0-687666A2F3A2}C:\program files (x86)\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe |
"TCP Query User{4F7F6996-D0BC-4338-BDA1-4E16486C3062}D:\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe |
"TCP Query User{5DFC0B54-A9C6-48AA-BA9C-4FFAB3BB2135}D:\spiele\anno 1701\anno1701.exe" = protocol=6 | dir=in | app=d:\spiele\anno 1701\anno1701.exe |
"TCP Query User{5EDFE4D0-352C-4119-895D-3240B09E6F7A}C:\program files (x86)\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe |
"TCP Query User{6068D593-8AD0-4534-9F97-70F95AFFEA5E}D:\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
"TCP Query User{704B6669-7BDB-4902-B8D4-70D61049A3BA}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{717853CE-98FA-41AC-8923-CA5417635342}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{753B41D5-DA73-4A78-BB9F-4E68AEA21717}C:\users\jenny\appdata\local\temp\odbccap.exe" = protocol=6 | dir=in | app=c:\users\jenny\appdata\local\temp\odbccap.exe |
"TCP Query User{7D16FEFB-5D87-4514-A845-E9AEE8707D23}D:\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe |
"TCP Query User{7F05218B-5E2E-4E91-8CCA-EA67697AA5CC}D:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"TCP Query User{8035F405-D47C-4F53-91BF-0EE5E3A88EA4}D:\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe |
"TCP Query User{A3E3A5C7-FCB1-49AE-A28F-9DD2C4715932}D:\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe |
"TCP Query User{ADA95796-D8E6-4F32-8F4F-A8AF959E38C6}D:\spiele\runes of magic\client.exe" = protocol=6 | dir=in | app=d:\spiele\runes of magic\client.exe |
"TCP Query User{BC2BB0A2-1F65-4029-AEA4-D11BD1AD70B2}C:\program files (x86)\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe |
"TCP Query User{D1B9FA6A-A5AD-4EB5-A2C3-EF7550CD65B5}C:\program files (x86)\safari\safari.exe" = protocol=6 | dir=in | app=c:\program files (x86)\safari\safari.exe |
"TCP Query User{D32610B2-D78F-4A83-AFAD-6220C8B1A35E}D:\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe |
"TCP Query User{F84BD2D8-8687-46BB-8E74-7E1CEBA45A25}D:\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe |
"TCP Query User{F9A77CCC-D174-41C9-AC3E-710C8753F631}D:\world of warcraft\repair.exe" = protocol=6 | dir=in | app=d:\world of warcraft\repair.exe |
"UDP Query User{055CCBD7-461F-46FE-90C1-25A996A8FF29}C:\users\jenny\appdata\local\temp\odbccap.exe" = protocol=17 | dir=in | app=c:\users\jenny\appdata\local\temp\odbccap.exe |
"UDP Query User{135C7D26-E4BB-423F-893A-209C551D2D58}D:\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe |
"UDP Query User{19986B6F-B813-4B51-8F93-5F3F2C737DD1}D:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{1CC3F523-7700-49AA-8055-0165C16DB9AC}D:\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe |
"UDP Query User{2309EB5D-C3F3-4946-870C-DE27643C9CE3}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe |
"UDP Query User{2C061541-CD63-40A8-97F0-83330C80E3F9}D:\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe |
"UDP Query User{2D406E63-E1D3-4EF0-96E3-EE99EAE5BE58}C:\program files (x86)\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\blizzard downloader.exe |
"UDP Query User{3A593BA5-3883-4701-AE6F-9A5FDE28930E}D:\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe |
"UDP Query User{507024A6-C343-4998-ACC2-C8CCEA96FE50}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{530195A9-ED1A-4B65-AD08-09F44AA6EF97}C:\program files (x86)\safari\safari.exe" = protocol=17 | dir=in | app=c:\program files (x86)\safari\safari.exe |
"UDP Query User{694D3DF7-27E8-422F-B539-381FD72C89CC}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{71C8583F-D2F4-404F-8EEF-3E98FD14BF8A}D:\world of warcraft\repair.exe" = protocol=17 | dir=in | app=d:\world of warcraft\repair.exe |
"UDP Query User{7ED44C03-32CD-4FAD-B8EE-269B241096E9}D:\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe |
"UDP Query User{83000CD1-4412-49C2-951C-7E7E9DED82B3}C:\program files (x86)\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe |
"UDP Query User{91CD5F1F-36C5-46CA-A946-B186BF1BD3B6}D:\spiele\runes of magic\client.exe" = protocol=17 | dir=in | app=d:\spiele\runes of magic\client.exe |
"UDP Query User{97204BA9-D7AD-43A3-9609-F8EE927625AA}C:\program files (x86)\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe |
"UDP Query User{AEAE135D-E93F-437F-9CFA-D18867EEF934}C:\program files (x86)\shareaza\shareaza.exe" = protocol=17 | dir=in | app=c:\program files (x86)\shareaza\shareaza.exe |
"UDP Query User{B63F3A0D-F7F3-4FCE-96B3-420AAA5A2961}C:\program files (x86)\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe |
"UDP Query User{C9E6026A-30A3-4FAA-B878-6C46E0E2DE88}D:\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe |
"UDP Query User{CAA16197-EE67-4AA0-A937-E9A13FD8C87B}D:\spiele\anno 1701\anno1701.exe" = protocol=17 | dir=in | app=d:\spiele\anno 1701\anno1701.exe |
"UDP Query User{CE957071-5CFB-42F7-B55F-1869C9ABE4DB}C:\program files (x86)\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe |
"UDP Query User{DE66B086-5777-49B7-B574-8835E6802154}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{E177E9A8-1306-4E32-8DF8-341B7C695350}D:\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe |
"UDP Query User{F80A9744-3C4A-4E46-9DFC-D54D813800A4}D:\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
"UDP Query User{F89C9EFC-05E2-476D-831A-C5051000B67E}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"UDP Query User{F9C4488D-3DCC-469B-9274-BDFBCE6708F4}D:\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\blizzard downloader.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A800FCC9-8E1E-4D84-9CED-47870701FDE1}" = HP Deskjet F4400 Printer Driver 14.0 Rel. 5
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3364BD16-5A28-4862-86A1-A8FF5FD23919}" = Music Rescue
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{740B51D7-C903-4536-9530-B6304C937F51}" = Wildlife Park 2 Familien Edition
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7EABB309-64F7-11D7-B796-0050BFE4DB80}" = Restaurant Empire
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}" = Zoo Tycoon 2 - Ultimate Collection
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A835C187-691C-4827-BCEA-1611179C96B9}" = DJ_AIO_05_F4400_Software_Min
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D815AEE6-1FEE-C3FC-7645-77CF6FF8ECFD}" = Xchar Live
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}" = Safari
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FFDC4005-E968-498D-93C8-CC148742167D}}_is1" = Wecker für Windows 6.5
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CamStudio" = CamStudio
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"eMule" = eMule
"EPSON Scanner" = EPSON Scan
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"FarmingSimulator2011DemoDE_is1" = Landwirtschafts Simulator 2011 Demo
"FormatFactory" = FormatFactory 2.50
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"giants_editor_4.1.7_is1" = GIANTS Editor 4.1.7
"Google Desktop" = Google Desktop
"InstallShield_{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}" = Zoo Tycoon 2 - Ultimate Collection
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"My Horse and Me 2" = Mein Pferd und ich 2
"NifSkope" = NifSkope (remove only)
"Notepad++" = Notepad++
"Schnell Schreiben_is1" = Schnell Schreiben 3.4.6
"Shareaza_is1" = Shareaza 2.5.3.0
"ST6UNST #1" = BEWERBUNGS-MASTER AZUBI
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"Thanksgiving Pack" = Thanksgiving Pack
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"Windows Mobile Device Handbook" = Windows Mobile-Ressourcen
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"xcharlive.1655C4F6526B808855D0A24D09D32A2277FBA03C.1" = Xchar Live
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"ZoneAlarm" = ZoneAlarm
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1048853084-1438700988-2564156336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"European Expeditions" = European Expeditions
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"Radical Remake - Part 1" = Radical Remake - Part 1
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 14.02.2011 23:21:42 | Computer Name = Jenny-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.02.2011 23:23:14 | Computer Name = Jenny-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18999, Zeitstempel
0x4ccf92fb, fehlerhaftes Modul comminfo.dll, Version 0.0.0.0, Zeitstempel 0x4d399e97,
Ausnahmecode 0xc0000005, Fehleroffset 0x00037fd2, Prozess-ID 0xd60, Anwendungsstartzeit
01cbccbf8acd8b5f.
Error - 14.02.2011 23:47:02 | Computer Name = Jenny-PC | Source = Application Hang | ID = 1002
Description = Programm GLBE1F5.tmp, Version 9.2.58.0 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 104c Anfangszeit: 01cbccc2ac69e2bf Zeitpunkt der Beendigung:
15
Error - 14.02.2011 23:48:23 | Computer Name = Jenny-PC | Source = Software Licensing Service | ID = 8198
Description = Die Lizenzaktivierung (SLUINotify.dll) ist mit folgendem Fehlercode
fehlgeschlagen: 0x80070057
Error - 14.02.2011 23:55:42 | Computer Name = Jenny-PC | Source = Avira AntiVir | ID = 4112
Description = Bei der Anforderung nach einer Resource des Betriebssystems trat ein
Fehler auf. Die Resource 'avgntflt' wurde nicht zugewiesen. Der Grund hierfür könnte
zu wenig Hauptspeicher oder ein anderer Systemfehler sein. Fehlercode: 0xffffffff
Error - 14.02.2011 23:56:43 | Computer Name = Jenny-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.02.2011 00:11:18 | Computer Name = Jenny-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.02.2011 01:28:27 | Computer Name = Jenny-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.02.2011 08:13:38 | Computer Name = Jenny-PC | Source = Software Licensing Service | ID = 8198
Description = Die Lizenzaktivierung (SLUINotify.dll) ist mit folgendem Fehlercode
fehlgeschlagen: 0x80070057
Error - 15.02.2011 10:25:49 | Computer Name = Jenny-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 16.09.2010 15:42:47 | Computer Name = Jenny-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 16.09.2010 um 21:33:54 unerwartet heruntergefahren.
Error - 16.09.2010 15:42:51 | Computer Name = Jenny-PC | Source = HTTP | ID = 15016
Description =
Error - 17.09.2010 05:52:53 | Computer Name = Jenny-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 17.09.2010 um 11:49:53 unerwartet heruntergefahren.
Error - 17.09.2010 05:52:55 | Computer Name = Jenny-PC | Source = HTTP | ID = 15016
Description =
Error - 17.09.2010 13:15:43 | Computer Name = Jenny-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 17.09.2010 um 18:50:49 unerwartet heruntergefahren.
Error - 17.09.2010 13:15:48 | Computer Name = Jenny-PC | Source = HTTP | ID = 15016
Description =
Error - 17.09.2010 18:13:11 | Computer Name = Jenny-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 17.09.2010 um 22:54:37 unerwartet heruntergefahren.
Error - 17.09.2010 18:13:14 | Computer Name = Jenny-PC | Source = HTTP | ID = 15016
Description =
Error - 17.09.2010 18:28:27 | Computer Name = Jenny-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 18.09.2010 um 00:20:09 unerwartet heruntergefahren.
Error - 17.09.2010 18:28:33 | Computer Name = Jenny-PC | Source = HTTP | ID = 15016
Description =
< End of report >
Nochmals Danke fürs Lesen :dankeschoen: |
