| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Verschiedene RKIT/Agent in BAcroIeHelpe 180.dllWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
05.08.2012, 12:36
| #1 |
 |  Verschiedene RKIT/Agent in BAcroIeHelpe 180.dll Hallo, Antivir hat in den letzten Tagen in C:\Users\***\AppData\Roaming\BAcroIEHelpe175.dll die folgenden Viren gefunden RKIT/Agent.devb am 29.Juli RKIT/Agent.devt.1 am 31.Juli RKIT/Agent.dewf am 1.August RKIT/Agent.dewl am 4.August bei denen jeweils nach dem Klick auf "Entfernen" die Meldung nocheinmal erschien. Nach 2-3 Mal entfernen gab es dann keine Meldung mehr, nur 1-2 Tage später wiederholte sich das ganze bei den anderen Viren (siehe Liste). Nur bei dem RKIT/Agent.dewl erscheint seit gestern Abend jedes mal eine neue Meldung sobald ich auf entfernen klicke. Mein Betriebssystem ist Windows Vista 32 bit Home Premium. Ich hoffe mir kann jemand weiterhelfen. Gruß Dennis Hier sind die Logs OTL Logfile: Code:
ATTFilter OTL logfile created on: 05.08.2012 15:18:05 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Dennis\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 57,51% Memory free 6,19 Gb Paging File | 4,99 Gb Available in Paging File | 80,54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 303,84 Gb Total Space | 62,27 Gb Free Space | 20,49% Space Free | Partition Type: NTFS Drive D: | 149,92 Gb Total Space | 12,44 Gb Free Space | 8,30% Space Free | Partition Type: NTFS Drive E: | 5,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive F: | 672,44 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: DENNIS-PC | User Name: Dennis | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.08.05 13:50:29 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe PRC - [2012.07.03 03:21:38 | 026,868,192 | ---- | M] (Dropbox, Inc.) -- C:\Users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012.06.11 19:19:36 | 000,468,992 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2012.06.11 19:19:02 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2012.05.28 12:56:15 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2012.05.15 11:28:16 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2012.05.15 11:27:34 | 000,857,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.05.08 11:05:34 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.08 11:05:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.08 11:05:34 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.08 11:05:34 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.03.29 03:57:56 | 000,016,448 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Silverlight\4.1.10329.0\agcp.exe PRC - [2012.02.24 04:29:58 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe PRC - [2012.02.23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe PRC - [2012.02.23 13:22:56 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010.12.06 08:48:15 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.04.07 13:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files\dcmsvc\dcmsvc.exe PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe PRC - [2007.11.03 00:49:23 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007.10.01 11:53:50 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2006.12.08 11:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe PRC - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe PRC - [2006.11.02 11:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe ========== Modules (No Company Name) ========== MOD - [2012.08.01 22:48:10 | 000,006,400 | ---- | M] () -- C:\Users\Dennis\AppData\Roaming\BAcroIEHelpe180.dll MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.03.15 12:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll MOD - [2009.04.07 13:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files\dcmsvc\dcmsvc.exe ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService) SRV - File not found [Auto | Stopped] -- C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture) SRV - [2012.08.03 11:23:11 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.07.19 10:56:06 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.07.07 18:35:58 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.06.11 19:19:02 | 000,217,600 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.05.15 12:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.05.08 11:05:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.08 11:05:34 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2008.04.07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2007.11.03 00:49:23 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2006.12.08 11:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler) SRV - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\system32\D846.tmp -- (MEMSWEEP2) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2012.06.11 20:58:44 | 008,733,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2012.06.11 18:25:48 | 000,295,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2012.05.15 12:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012.05.08 11:05:34 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.05.08 11:05:34 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.02.23 14:31:36 | 000,083,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService) DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.02.11 23:23:34 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf) DRV - [2010.06.23 10:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.03.31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2007.09.17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007.07.02 17:37:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32) DRV - [2007.07.02 17:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32) DRV - [2007.06.13 23:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000&st=10 IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855 IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2 IE - HKCU\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - No CLSID value found IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={2B7F8034-8896-419E-B617-1D6B9DCE4C63}&mid=7743bdcb501947d19bc9d15067ae688a-9ec377898ad09ba0776e436fc3ac9e28ac1a7bcf&lang=en&ds=ins13&pr=sa&d=2012-02-23 11:43:40&v=10.0.0.7&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "MyStart Search" FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000&q=" FF - prefs.js..network.proxy.http: "95.65.124.199" FF - prefs.js..network.proxy.http_port: 80 FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.05.28 12:56:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.19 10:56:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.28 12:57:10 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\Dennis\AppData\Roaming\14001.008 [2012.07.31 22:36:07 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.19 10:56:06 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.28 12:57:10 | 000,000,000 | ---D | M] [2010.12.05 16:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\mozilla\Extensions [2012.07.26 14:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\91bwina0.default\extensions [2010.12.08 18:17:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\91bwina0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.03.31 11:42:19 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\91bwina0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.03.12 18:37:40 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\91bwina0.default\extensions\personas@christopher.beard [2011.12.19 14:26:36 | 000,005,508 | ---- | M] () -- C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\91bwina0.default\searchplugins\webde-suche.xml [2012.06.11 14:44:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2012.07.31 22:36:07 | 000,000,000 | ---D | M] (Java Link Helper) -- C:\USERS\DENNIS\APPDATA\ROAMING\14001.008 [2012.02.23 12:43:19 | 000,164,722 | ---- | M] () (No name found) -- C:\USERS\DENNIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\91BWINA0.DEFAULT\EXTENSIONS\COMPATIBILITY@ADDONS.MOZILLA.ORG.XPI [2012.07.26 14:33:28 | 000,184,864 | ---- | M] () (No name found) -- C:\USERS\DENNIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\91BWINA0.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI [2012.07.19 10:56:06 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.04.20 13:59:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012.05.28 12:56:28 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.03.12 19:40:16 | 000,003,768 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012.06.01 18:33:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Codecv Class) - {63F52C44-BE4E-420C-A48E-54630AAA04ED} - C:\ProgramData\Codecv\bhoclass.dll () O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [dcmsvc] C:\Program Files\dcmsvc\dcmsvc.exe () O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) O4 - HKCU..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts) O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [Userinit] C:\Users\Dennis\AppData\Roaming\appconf32.exe () O4 - Startup: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4AF80116-5608-4163-8B68-09FB0734EBA7}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012.02.03 08:11:25 | 000,055,136 | R--- | M] (Electronic Arts) - E:\Autorun.exe -- [ UDF ] O32 - AutoRun File - [2011.11.14 17:40:17 | 000,000,049 | R--- | M] () - E:\Autorun.inf -- [ UDF ] O32 - AutoRun File - [2008.10.24 01:56:12 | 000,000,000 | R--D | M] - F:\AutoRun -- [ UDF ] O32 - AutoRun File - [2008.10.24 01:58:06 | 000,703,552 | R--- | M] (Electronic Arts Inc.) - F:\AutoRun.exe -- [ UDF ] O32 - AutoRun File - [2008.10.24 01:58:07 | 000,662,592 | R--- | M] (Electronic Arts Inc.) - F:\AutoRunGUI.dll -- [ UDF ] O32 - AutoRun File - [2008.10.24 01:57:48 | 000,000,166 | R--- | M] () - F:\autorun.inf -- [ UDF ] O33 - MountPoints2\{b81f32b3-0073-11e0-aa8d-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{b81f32b3-0073-11e0-aa8d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2012.02.03 08:11:25 | 000,055,136 | R--- | M] (Electronic Arts) O33 - MountPoints2\{b81f32b4-0073-11e0-aa8d-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{b81f32b4-0073-11e0-aa8d-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.10.24 01:58:06 | 000,703,552 | R--- | M] (Electronic Arts Inc.) O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.08.05 13:56:54 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe [2012.08.05 13:38:58 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\UAs [2012.08.05 12:04:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos [2012.08.05 12:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos [2012.08.05 11:02:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012.08.05 11:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012.08.05 11:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012.07.31 22:36:07 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\14001.008 [2012.07.30 16:18:23 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\14001.007 [2012.07.28 23:03:39 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\14001.006 [2012.07.28 23:03:08 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\xmldm [2012.07.28 23:03:07 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\kock [2012.07.24 12:44:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.07.24 12:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\Origin Games [2012.07.24 12:41:20 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\Origin [2012.07.24 12:41:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2012.07.24 12:40:50 | 000,000,000 | ---D | C] -- C:\Program Files\Origin [2012.07.23 13:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM [2012.07.20 21:52:55 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\TuneUp Software [2012.07.20 21:52:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012.07.20 21:52:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.07.20 21:52:13 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\OpenCandy [2012.07.20 21:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher [2012.07.18 18:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab [2012.07.18 18:24:45 | 000,000,000 | ---D | C] -- C:\Users\Dennis\SystemRequirementsLab [2012.07.17 18:09:19 | 000,000,000 | ---D | C] -- C:\Users\Dennis\Desktop\et [2012.07.15 14:33:12 | 000,000,000 | ---D | C] -- C:\Users\Dennis\Desktop\Layer [2012.07.11 22:33:50 | 000,000,000 | R--D | C] -- C:\Users\Dennis\Dropbox [2012.07.11 22:30:55 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox [2012.07.11 22:30:44 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2012.07.11 22:29:46 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Dropbox [2012.07.10 16:09:19 | 000,000,000 | ---D | C] -- C:\Users\Dennis\Desktop\dt [2012.07.10 16:05:40 | 000,000,000 | ---D | C] -- C:\Users\Dennis\Desktop\xvi32 [2012.07.10 12:48:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2012.07.10 12:47:39 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Origin [2012.07.10 12:47:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2012.07.09 14:21:12 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\4kdownload.com [2012.07.09 13:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap [2012.07.09 13:50:29 | 000,000,000 | ---D | C] -- C:\Users\Dennis\Documents\Freemake [2012.07.09 13:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake [2012.07.09 13:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Freemake [2012.07.08 14:24:02 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\RawTherapee4.0 [2012.07.08 14:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raw Therapee [2012.07.08 14:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\RawTherapeeV40 [2012.07.08 11:02:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2012.07.08 10:30:54 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TriDef 3D [2012.07.08 10:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DDD [2012.07.08 10:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\TriDef 3D [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Dennis\AppData\Roaming\*.tmp files -> C:\Users\Dennis\AppData\Roaming\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.08.05 14:58:51 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.08.05 14:58:51 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.08.05 14:51:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.08.05 14:22:59 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.08.05 13:55:54 | 000,050,477 | ---- | M] () -- C:\Users\Dennis\Desktop\Defogger.exe [2012.08.05 13:54:25 | 000,000,017 | ---- | M] () -- C:\Users\Dennis\AppData\Roaming\blckdom.res [2012.08.05 13:50:29 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe [2012.08.05 11:58:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.08.05 11:58:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.08.05 11:58:44 | 3220,496,384 | -HS- | M] () -- C:\hiberfil.sys [2012.08.05 11:02:34 | 000,001,061 | ---- | M] () -- C:\Users\Dennis\Desktop\Spybot - Search & Destroy.lnk [2012.08.04 15:20:14 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{089F02C9-035D-4675-87E0-D33C6D9D4B30}.job [2012.08.01 22:48:10 | 000,006,400 | ---- | M] () -- C:\Users\Dennis\AppData\Roaming\BAcroIEHelpe180.dll [2012.07.29 22:26:19 | 000,000,011 | ---- | M] () -- C:\Users\Dennis\AppData\Roaming\urhtps.dat [2012.07.29 10:40:58 | 000,693,610 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.07.29 10:40:58 | 000,654,402 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.07.29 10:40:58 | 000,137,740 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.07.29 10:40:58 | 000,120,738 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.07.24 16:15:40 | 000,041,023 | ---- | M] () -- C:\Users\Dennis\.recently-used.xbel [2012.07.24 16:14:48 | 002,924,244 | ---- | M] () -- C:\Users\Dennis\Desktop\Test.png [2012.07.24 12:41:13 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk [2012.07.23 14:00:59 | 000,244,736 | ---- | M] () -- C:\Users\Dennis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.07.21 17:48:59 | 000,107,737 | ---- | M] () -- C:\Users\Dennis\Desktop\N002_Neighborhood.png [2012.07.14 22:44:52 | 000,002,032 | ---- | M] () -- C:\Users\Dennis\AppData\Local\d3d9caps.dat [2012.07.13 13:26:27 | 000,192,711 | ---- | M] () -- C:\Users\Dennis\Desktop.jpg [2012.07.11 22:33:50 | 000,000,948 | ---- | M] () -- C:\Users\Dennis\Desktop\Dropbox.lnk [2012.07.11 22:31:01 | 000,000,958 | ---- | M] () -- C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.07.08 15:09:47 | 000,327,680 | ---- | M] () -- C:\Windows\SPInstall.etl [2012.07.08 10:38:11 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\LG 3D Game - TriDef 3D.lnk [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Dennis\AppData\Roaming\*.tmp files -> C:\Users\Dennis\AppData\Roaming\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.08.05 13:56:54 | 000,050,477 | ---- | C] () -- C:\Users\Dennis\Desktop\Defogger.exe [2012.08.05 11:02:34 | 000,001,061 | ---- | C] () -- C:\Users\Dennis\Desktop\Spybot - Search & Destroy.lnk [2012.08.01 22:48:10 | 000,006,400 | ---- | C] () -- C:\Users\Dennis\AppData\Roaming\BAcroIEHelpe180.dll [2012.07.29 22:26:19 | 000,000,011 | ---- | C] () -- C:\Users\Dennis\AppData\Roaming\urhtps.dat [2012.07.28 23:03:19 | 000,000,017 | ---- | C] () -- C:\Users\Dennis\AppData\Roaming\blckdom.res [2012.07.25 10:37:45 | 026,484,387 | ---- | C] () -- C:\Users\Dennis\Desktop\TestMerkw.Sims3Pack [2012.07.24 16:15:40 | 000,041,023 | ---- | C] () -- C:\Users\Dennis\.recently-used.xbel [2012.07.24 12:41:13 | 000,000,782 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk [2012.07.21 17:35:26 | 000,107,737 | ---- | C] () -- C:\Users\Dennis\Desktop\N002_Neighborhood.png [2012.07.13 17:06:43 | 002,924,244 | ---- | C] () -- C:\Users\Dennis\Desktop\Test.png [2012.07.13 13:26:23 | 000,192,711 | ---- | C] () -- C:\Users\Dennis\Desktop.jpg [2012.07.11 22:33:50 | 000,000,948 | ---- | C] () -- C:\Users\Dennis\Desktop\Dropbox.lnk [2012.07.11 22:31:01 | 000,000,958 | ---- | C] () -- C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.07.08 11:11:52 | 000,327,680 | ---- | C] () -- C:\Windows\SPInstall.etl [2012.07.08 10:30:55 | 000,002,023 | ---- | C] () -- C:\Users\Public\Desktop\LG 3D Game - TriDef 3D.lnk [2012.07.06 18:09:26 | 3220,496,384 | -HS- | C] () -- C:\hiberfil.sys [2012.07.03 17:16:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.06.11 18:24:32 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll [2012.06.11 13:50:42 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2012.04.12 21:30:10 | 000,637,743 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2011.02.11 23:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll [2011.01.10 22:13:50 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011.01.10 22:13:50 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2010.12.31 13:38:52 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.12.07 14:53:52 | 000,002,032 | ---- | C] () -- C:\Users\Dennis\AppData\Local\d3d9caps.dat [2010.12.05 20:23:20 | 000,026,340 | ---- | C] () -- C:\Users\Dennis\AppData\Roaming\UserTile.png [2010.12.05 17:14:45 | 000,244,736 | ---- | C] () -- C:\Users\Dennis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.12.05 16:14:46 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI [2008.12.09 17:23:13 | 000,052,688 | RHS- | C] () -- C:\Users\Dennis\AppData\Roaming\appconf32.exe ========== LOP Check ========== [2012.07.28 23:03:39 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\14001.006 [2012.07.30 16:18:23 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\14001.007 [2012.07.31 22:36:07 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\14001.008 [2011.10.12 14:08:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Amazon [2010.12.23 12:22:41 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\AniTuner [2012.02.23 13:02:56 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Audacity [2012.02.23 13:14:12 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\BL-Soft [2011.07.02 14:02:02 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\BreezeTree [2011.11.20 12:23:37 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Canon [2011.04.14 17:21:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1 [2012.08.05 12:00:00 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Dropbox [2012.07.16 16:00:21 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\gtk-2.0 [2012.02.23 12:39:01 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Iggels [2011.09.06 15:42:54 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\JavaEditor [2012.07.28 23:03:07 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\kock [2011.11.17 11:52:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Leawo [2010.12.11 12:15:42 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\MilkShape 3D 1.x.x [2011.12.03 13:43:10 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\OnLive App [2012.07.20 21:52:13 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\OpenCandy [2012.07.10 12:48:53 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Origin [2011.01.10 22:20:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\PC Suite [2010.12.05 20:23:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\PeerNetworking [2011.02.18 19:17:29 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\RawTherapee [2011.01.11 18:07:50 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Samsung [2010.12.05 16:14:45 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\ScanSoft [2011.11.17 11:52:50 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\tiger-k [2012.02.06 18:18:42 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\TSRWorkshop [2012.07.20 21:52:55 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\TuneUp Software [2012.08.05 13:39:05 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\UAs [2010.12.23 13:06:49 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\XMedia Recode [2012.08.05 13:39:40 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\xmldm [2012.08.05 11:58:03 | 000,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.08.04 15:20:14 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{089F02C9-035D-4675-87E0-D33C6D9D4B30}.job ========== Purity Check ========== < End of report > --- --- --- OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 05.08.2012 15:18:05 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Dennis\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 57,51% Memory free
6,19 Gb Paging File | 4,99 Gb Available in Paging File | 80,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,84 Gb Total Space | 62,27 Gb Free Space | 20,49% Space Free | Partition Type: NTFS
Drive D: | 149,92 Gb Total Space | 12,44 Gb Free Space | 8,30% Space Free | Partition Type: NTFS
Drive E: | 5,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 672,44 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: DENNIS-PC | User Name: Dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Play_with_TriDef_Media_Player] -- "C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" "%1" (DDD Group Plc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" = C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player -- (DDD Group Plc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{055BFB92-6AAC-4A75-B644-1647CE4DE81B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A976BC8-9A8F-436D-A883-775624F9677D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0D4AC4D9-75FF-4EAB-AE9A-9FDD6A47ABC9}" = rport=137 | protocol=17 | dir=out | app=system |
"{1DB3102A-F882-472E-BCC0-2FF7FD966EE8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{278BE7B6-0668-4D7B-BA89-EF0D3F6D6F02}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3626F180-A7B5-4FB6-A71A-05C76FEE58B8}" = lport=138 | protocol=17 | dir=in | app=system |
"{4721E6D5-118A-44C8-9E28-55DAD384A64C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{872501D2-75F6-4048-B47A-C243C86EFAFC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9B4DF311-D48C-4A9C-BEE5-9AB2AC23719D}" = lport=137 | protocol=17 | dir=in | app=system |
"{A1233C36-4FDB-44AB-8574-6380D4445EF2}" = rport=445 | protocol=6 | dir=out | app=system |
"{A3EF1A0F-D803-4704-ABC6-CAFC088B0E89}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BBABBA42-9A0C-4AE2-BF2D-38A7FFEE88D7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C70D3888-43C3-428C-9785-DD3B6B714B8A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C986D0EB-AA1A-43EE-B10D-3654C4BB0744}" = rport=138 | protocol=17 | dir=out | app=system |
"{D73B9B1A-B21C-4197-AAE2-A7E4245AA210}" = lport=139 | protocol=6 | dir=in | app=system |
"{D992E784-07AA-4A62-9137-868532A6B0E0}" = lport=445 | protocol=6 | dir=in | app=system |
"{E0B47CAF-D4EA-47D2-9FBE-B73BA891B066}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E80B8B71-7C90-4D52-A7CE-CA814619521A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F35CC11C-C59B-44DB-8349-5818B5EB8A6B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F8809484-C787-4A48-8B89-93FA5C0E47BA}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017C3724-2D85-4B74-A7B1-63908A8AFC2C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0F8E31DE-F379-467A-91C3-DB288B1A7DA4}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{1FE5802E-36BD-4A8C-AFBB-A0EDC4BB6F32}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{24C93F5C-F821-4207-981E-DA192D4E840D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{281E56A5-2530-4694-A46F-55F00253E649}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{2FCDD9A9-E6FC-474D-ABB2-B804F3ADFE2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{33001643-9F4B-40E3-8F4A-77798091A02B}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{34EBCA59-E3AC-4BBD-80F7-80633E1FEEC5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\war in the north\witn.exe |
"{35C4928A-6A2C-45CA-AC88-4A88F46FF812}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{367C971C-70E7-41D0-89A4-254A74D40DF9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4368AF0D-DCBE-48CF-B2F0-473A6C40E60C}" = protocol=17 | dir=in | app=c:\users\dennis\appdata\roaming\dropbox\bin\dropbox.exe |
"{47E49893-2A23-4E65-BC90-82EC6FDC6338}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{55DF598E-E409-43B2-B782-F6B08901C111}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5A065633-9D8F-463E-84DA-683D28D9BC11}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{638B5C87-9C3A-4A58-9F03-0B82E4577DA5}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{68430387-D081-4FDD-8A33-D8CB9F6DCCAA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6DC1BD3D-4FFA-4E2F-B670-06A0EAED10B1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7BACA8AD-73D2-4B06-9B23-FF85294636E6}" = protocol=6 | dir=out | app=system |
"{80D7E0C5-445B-40E5-AE92-1EBA9A4227CD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8659DEBF-7A8B-40E0-9080-725D6340EDFD}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{8C15929B-0408-4099-9AFC-ED9FFF55B7FF}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{910EB025-7456-451C-9DFB-2C0797F419EE}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{914B413C-4586-48CE-A5B0-EC58FCE11712}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9548854D-13F6-42B1-B8AC-1DC66D7DCFEE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\war in the north\witn.exe |
"{A1D0C49E-A0AC-4862-AB66-0252AA21532A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ACD318EA-F705-4C59-B0E9-C22A3352E865}" = protocol=6 | dir=in | app=c:\users\dennis\appdata\roaming\dropbox\bin\dropbox.exe |
"{B03CD7D1-A1A5-4FC5-B428-D46EEC404111}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{B1D3ED54-54F2-4114-8DB5-68DDC3837DA7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B52BE822-BDAE-465A-8B82-D76D063CB543}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C0A95776-C465-46A5-A7AA-056B2150AB49}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C204CB28-38D4-4140-8D70-FDA362B2F239}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C83AB34A-3F5C-4D01-A143-AFAB290C1634}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{D776E064-2629-45E2-9BE0-F5AFE11D9BFF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D98D247A-9ACD-4425-A083-E032929F5E3B}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{EC3A5D78-2F31-4E60-A008-3551CA97C2AD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F65B0ABB-2C98-4D27-B75D-6CBE584F7633}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FB8D7D25-DCE8-4935-BB0D-E1EA8B34AAA9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FCAE38FC-7A73-466B-BF9D-AF86A0EA7EFA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{0A5E062A-7C76-41FB-B360-9C2EDC8C4A94}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{17530CF7-9A3E-46C3-AA9B-1A835AC52992}C:\greenfoot\greenfoot.exe" = protocol=6 | dir=in | app=c:\greenfoot\greenfoot.exe |
"TCP Query User{7196AA76-22F2-4666-A1B5-53F326D987F6}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"TCP Query User{BE7C5B72-0B05-4D11-9AD5-5D5C0A10E5EC}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{D52BC37A-1B00-4B9B-A875-32001184398C}C:\program files\java\jdk1.6.0_23\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_23\jre\bin\java.exe |
"UDP Query User{18C5563E-5125-4C24-9FC2-A133D694F8CC}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{609C019E-0717-48A3-875E-15641FD5AA7F}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{6821028D-E9D8-46F5-A5AA-6337CCDDC4BC}C:\greenfoot\greenfoot.exe" = protocol=17 | dir=in | app=c:\greenfoot\greenfoot.exe |
"UDP Query User{A8736C23-97C9-4629-8BA2-912CA17AECC9}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{DE386183-1CF4-441D-A834-F09BAFDCEA02}C:\program files\java\jdk1.6.0_23\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_23\jre\bin\java.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510" = Canon MP510
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{147A8145-0AA6-0921-8414-9B1EE5A8108F}" = Warner Bros. Digital Copy Manager
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = Die Sims™ 2 Villen- und Garten-Accessoires
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2A56A0-AF80-4423-8C73-ADBFAB40E629}" = TSR RigFix
"{1F897E00-83A6-4133-54E1-58F8D35E61C2}" = AMD Catalyst Install Manager
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2EF17083-57D4-4D64-AE4F-55F32A2C4571}" = Codecv
"{32A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = Die Sims™ 3 Showtime
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}" = Die Sims™ 3 Erstelle ein Muster-Tool
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D13D187-BA0B-4319-B8FE-7C3613E73278}" = QRCode
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = Die Sims™ 2 Teen Style-Accessoires
"{5D58EACA-0317-4CFF-9E13-53CCD525DE32}" = Catalyst Control Center InstallProxy
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires
"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta
"{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1" = Java-Editor 10.4c, 2010.09.03
"{6803A6E6-48FF-48AB-B558-7B651BBE1031}" = Nero 8 Essentials
"{69A05CAD-B0AA-4586-8FDD-D4827B2652DC}" = AniTuner
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = Die Sims 2: Family Fun - Accessoires
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business
"{7C056FA6-E362-467B-8160-062E9474FEE5}" = SlimDX Redistributable for .NET 2.0 (September 2011)
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_STANDARDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_STANDARDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_STANDARDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_STANDARDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_STANDARDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_STANDARDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = Die Sims™ 2: Glamour-Accessoires
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = Die Sims™ 2 Apartment-Leben
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE518445-0054-44F8-8315-2AD45BF3701E}" = Raw Therapee V4.0.8.3 x86
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = Die Sims™ 2 Party-Accessoires
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise
"{F37DC802-9565-4B57-9F3C-2289910E34FD}_is1" = FlowBreeze Standard 2.6.0.14
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"aTube Catcher" = aTube Catcher
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"Big Fish Games Center" = Big Fish Games Center (remove only)
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"BlueJ_is1" = BlueJ 3.0.4
"Canon MP510 Benutzerregistrierung" = Canon MP510 Benutzerregistrierung
"com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1" = Warner Bros. Digital Copy Manager
"Cradle of Rome" = Cradle of Rome (remove only)
"dcmsvc_is1" = dcmsvc 1.0
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"experience-lge-mon-lite-bundle" = TriDef 3D Games (LG 3D Monitor/TV) 1.7.1
"Greenfoot_is1" = Greenfoot 2.0.1
"Luxor Amun Rising" = Luxor Amun Rising (remove only)
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"MilkShape 3D 1.8.4" = MilkShape 3D 1.8.4
"MilkShape 3D 1.8.5" = MilkShape 3D 1.8.5
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator 3.0" = Canon MP Navigator 3.0
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Poker Superstars II" = Poker Superstars II (remove only)
"RealPlayer 15.0" = RealPlayer
"Replay Video Capture4.2" = Replay Video Capture
"s3oc" = s3oc - Sims3 Object Cloner
"s3pe" = s3pe - Sims3 Package Editor
"Sims 2 Wardrobe Wrangler v1.1" = Sims 2 Wardrobe Wrangler v1.1
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
"STANDARDR" = Microsoft Office Standard 2007
"StarUML_is1" = StarUML 5.0.2.1570
"Steam App 32800" = The Lord of the Rings: War in the North
"Video mp3 Extractor_is1" = Video mp3 Extractor
"Virtual Villagers" = Virtual Villagers (remove only)
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR
"XMedia Recode" = XMedia Recode 2.2.8.9
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 06.01.2012 10:11:51 | Computer Name = Dennis-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 06.01.2012 10:11:51 | Computer Name = Dennis-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15672
Error - 06.01.2012 10:11:51 | Computer Name = Dennis-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15672
Error - 07.01.2012 07:08:15 | Computer Name = Dennis-PC | Source = WerSvc | ID = 5007
Description =
Error - 07.01.2012 18:50:22 | Computer Name = Dennis-PC | Source = WerSvc | ID = 5007
Description =
Error - 08.01.2012 07:21:35 | Computer Name = Dennis-PC | Source = WerSvc | ID = 5007
Description =
Error - 08.01.2012 17:55:35 | Computer Name = Dennis-PC | Source = WerSvc | ID = 5007
Description =
Error - 10.01.2012 07:43:46 | Computer Name = Dennis-PC | Source = WerSvc | ID = 5007
Description =
Error - 11.01.2012 08:00:08 | Computer Name = Dennis-PC | Source = WerSvc | ID = 5007
Description =
Error - 11.01.2012 12:02:25 | Computer Name = Dennis-PC | Source = WerSvc | ID = 5007
Description =
[ System Events ]
Error - 23.06.2011 11:07:13 | Computer Name = Dennis-PC | Source = bowser | ID = 8003
Description =
Error - 01.07.2011 03:59:58 | Computer Name = Dennis-PC | Source = Print | ID = 6161
Description = Das Dokument Ganzseitiges Foto im Besitz von Dennis konnte nicht auf
dem Drucker Canon MP510 Printer gedruckt werden. Versuchen Sie erneut, das Dokument
zu drucken, oder starten Sie den Druckspooler erneut. Datentyp: NT EMF 1.008. Größe
der Spooldatei in Bytes: 136773632. Anzahl der gedruckten Bytes: 136599436. Gesamtanzahl
der Seiten des Dokuments: 1. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\DENNIS-PC.
Vom Druckprozessor zurückgegebener Win32-Fehlercode: 1. Unzulässige Funktion.
Error - 03.07.2011 05:12:15 | Computer Name = Dennis-PC | Source = Print | ID = 6161
Description = Das Dokument Microsoft Word - Rigoberta Menchú_Sirvienta en la capital
im Besitz von Dennis konnte nicht auf dem Drucker Canon MP510 Printer gedruckt
werden. Versuchen Sie erneut, das Dokument zu drucken, oder starten Sie den Druckspooler
erneut. Datentyp: NT EMF 1.008. Größe der Spooldatei in Bytes: 131072. Anzahl der
gedruckten Bytes: 47248. Gesamtanzahl der Seiten des Dokuments: 2. Anzahl der gedruckten
Seiten: 0. Clientcomputer: \\DENNIS-PC. Vom Druckprozessor zurückgegebener Win32-Fehlercode:
1. Unzulässige Funktion.
Error - 03.07.2011 09:18:56 | Computer Name = Dennis-PC | Source = bowser | ID = 8003
Description =
Error - 03.07.2011 11:18:40 | Computer Name = Dennis-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 03.07.2011 um 17:17:00 unerwartet heruntergefahren.
Error - 16.07.2011 08:34:09 | Computer Name = Dennis-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 16.07.2011 um 14:29:49 unerwartet heruntergefahren.
Error - 29.07.2011 04:36:02 | Computer Name = Dennis-PC | Source = Print | ID = 19
Description = Der Druckspooler konnte den Drucker Canon MP510 Printer nicht unter
dem Namen Canon MP510 Printer freigeben. Fehler: 2114. Der Drucker kann nicht von
anderen Benutzern im Netzwerk verwendet werden.
Error - 14.08.2011 05:04:16 | Computer Name = Dennis-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 14.08.2011 um 11:03:33 unerwartet heruntergefahren.
Error - 06.09.2011 09:09:42 | Computer Name = Dennis-PC | Source = Print | ID = 19
Description = Der Druckspooler konnte den Drucker Canon MP510 Printer nicht unter
dem Namen Canon MP510 Printer freigeben. Fehler: 2114. Der Drucker kann nicht von
anderen Benutzern im Netzwerk verwendet werden.
Error - 13.09.2011 16:22:41 | Computer Name = Dennis-PC | Source = Print | ID = 6161
Description = Das Dokument Microsoft Word - the world's most famous love story-
Romeo and Juliet summary im Besitz von Dennis konnte nicht auf dem Drucker Canon
MP510 Printer gedruckt werden. Versuchen Sie erneut, das Dokument zu drucken, oder
starten Sie den Druckspooler erneut. Datentyp: NT EMF 1.008. Größe der Spooldatei
in Bytes: 65536. Anzahl der gedruckten Bytes: 29544. Gesamtanzahl der Seiten des
Dokuments: 1. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\DENNIS-PC. Vom
Druckprozessor zurückgegebener Win32-Fehlercode: 1. Unzulässige Funktion.
< End of report >
|
| Themen zu Verschiedene RKIT/Agent in BAcroIeHelpe 180.dll |
| .dll, 32 bit, anderen, appdata, bacroiehelpe180.dll, betriebssystem, codecv, entferne, entfernen, folge, folgende, google earth, hoffe, home, incredibar toolbar, install.exe, liste, meldung, msiexec.exe, nvidia update, office 2007, origin, plug-in, roaming, safer networking, sweetpacks, tagen, trojan-spy.win32.farko, verschiedene, viren, vista 32 bit, visual studio, windows, windows vista |
Baum-Darstellung