| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: browse to save virusWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
17.01.2013, 22:02
| #1 |
 |  browse to save virus halihalo hab auch dieses problem und schon mal otl runtergeladen und laufen lassen. hab zwar schon so einen thread gelesenn aber ich hab das so verstanden dass das bei jedem anders zu löschen ist?! na jedenfalls bin ich nicht grad die schlauste auf dem gebiet und hoff auf hilfe =) edit ogott ich hab ja lauter errors -.- Code:
ATTFilter OTL logfile created on: 17.01.2013 20:54:12 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\grinsekathze\Desktop\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 1,60 Gb Total Physical Memory | 0,27 Gb Available Physical Memory | 16,64% Memory free 3,21 Gb Paging File | 1,08 Gb Available in Paging File | 33,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 282,84 Gb Total Space | 176,52 Gb Free Space | 62,41% Space Free | Partition Type: NTFS Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS Computer Name: GRINSEKATHZE-PC | User Name: grinsekathze | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\grinsekathze\Desktop\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\program files (x86)\avira\antivir desktop\avscan.exe (Avira Operations GmbH & Co. KG) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.exe () PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) PRC - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.) PRC - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.) PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () MOD - C:\program files (x86)\avira\antivir desktop\sqlite3.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (FreemiumSystemStoreService) -- C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.exe () SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations) SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.) SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (HP Wireless Assistant Service) -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company) SRV - (AMD Reservation Manager) -- C:\Programme\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices) SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices) DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices) DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=198a6544-cc40-4f60-8c55-84412599d5ca&searchtype=hp&exp=true IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF IE:64bit: - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=nv1&ir=nv1&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0A0B0FtDyD0C0C0E0FtBzytN0D0Tzu0CtAyByDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1302105681 IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=198a6544-cc40-4f60-8c55-84412599d5ca&searchtype=hp&exp=true IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=198a6544-cc40-4f60-8c55-84412599d5ca&searchtype=ds&q={searchTerms} IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4 IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=198a6544-cc40-4f60-8c55-84412599d5ca&searchtype=ds&q={searchTerms} IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=198a6544-cc40-4f60-8c55-84412599d5ca&searchtype=ds&q={searchTerms} IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=198a6544-cc40-4f60-8c55-84412599d5ca&searchtype=hp&exp=true IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=198a6544-cc40-4f60-8c55-84412599d5ca&searchtype=ds&q={searchTerms} IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=198a6544-cc40-4f60-8c55-84412599d5ca&searchtype=ds&q={searchTerms} IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=198a6544-cc40-4f60-8c55-84412599d5ca&searchtype=ds&q={searchTerms} IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.at/" FF - prefs.js..extensions.enabledAddons: 501e6fa18edf8%40501e6fa18ee31.info:1.0 FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039 FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68 FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.5 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.4.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0 FF - prefs.js..keyword.URL: "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=198a6544-cc40-4f60-8c55-84412599d5ca&searchtype=ds&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.11 08:34:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.13 13:46:30 | 000,000,000 | ---D | M] [2011.11.24 14:07:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\grinsekathze\AppData\Roaming\mozilla\Extensions [2013.01.15 20:41:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\grinsekathze\AppData\Roaming\mozilla\Firefox\Profiles\00ave1we.default\extensions [2012.08.05 14:07:13 | 000,000,000 | ---D | M] (Codecv) -- C:\Users\grinsekathze\AppData\Roaming\mozilla\Firefox\Profiles\00ave1we.default\extensions\501e6fa18edf8@501e6fa18ee31.info [2013.01.15 20:41:53 | 000,124,993 | ---- | M] () (No name found) -- C:\Users\grinsekathze\AppData\Roaming\mozilla\firefox\profiles\00ave1we.default\extensions\adblockpopups@jessehakanen.net.xpi [2012.02.20 12:00:03 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\grinsekathze\AppData\Roaming\mozilla\firefox\profiles\00ave1we.default\extensions\DivXWebPlayer@divx.com.xpi [2013.01.15 20:37:18 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\grinsekathze\AppData\Roaming\mozilla\firefox\profiles\00ave1we.default\extensions\elemhidehelper@adblockplus.org.xpi [2013.01.15 20:41:53 | 000,533,036 | ---- | M] () (No name found) -- C:\Users\grinsekathze\AppData\Roaming\mozilla\firefox\profiles\00ave1we.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013.01.15 20:41:53 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\grinsekathze\AppData\Roaming\mozilla\firefox\profiles\00ave1we.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.02.10 20:28:13 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\grinsekathze\AppData\Roaming\mozilla\firefox\profiles\00ave1we.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2011.12.01 19:17:22 | 000,002,289 | ---- | M] () -- C:\Users\grinsekathze\AppData\Roaming\mozilla\firefox\profiles\00ave1we.default\searchplugins\ecosia.xml [2011.11.24 14:09:31 | 000,002,314 | ---- | M] () -- C:\Users\grinsekathze\AppData\Roaming\mozilla\firefox\profiles\00ave1we.default\searchplugins\forestle-de.xml [2013.01.09 16:06:00 | 000,002,329 | ---- | M] () -- C:\Users\grinsekathze\AppData\Roaming\mozilla\firefox\profiles\00ave1we.default\searchplugins\Funmoods.xml [2012.08.05 14:07:24 | 000,003,915 | ---- | M] () -- C:\Users\grinsekathze\AppData\Roaming\mozilla\firefox\profiles\00ave1we.default\searchplugins\sweetim.xml [2012.09.17 10:41:06 | 000,002,399 | ---- | M] () -- C:\Users\grinsekathze\AppData\Roaming\mozilla\firefox\profiles\00ave1we.default\searchplugins\Web Search.xml [2013.01.11 08:34:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.01.11 08:34:24 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.01.18 08:21:22 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.01 16:58:17 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.01.18 08:21:22 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.01.18 08:21:22 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.18 08:21:22 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.18 08:21:22 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Codecv Class) - {2D588057-BD3F-075B-B569-0C8FC43F046B} - C:\ProgramData\Codecv\bhoclass.dll File not found O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\grinsekathze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-118737067-2683697216-1242472475-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21F7FB87-78B2-4A8C-A823-CC7F3395D176}: DhcpNameServer = 10.0.0.138 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{2d81870e-1dd0-11e1-830f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{2d81870e-1dd0-11e1-830f-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2d818754-1dd0-11e1-830f-101f745606e1}\Shell - "" = AutoRun O33 - MountPoints2\{2d818754-1dd0-11e1-830f-101f745606e1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{dfdfc172-6525-11e1-88ed-d0df9abf4704}\Shell - "" = AutoRun O33 - MountPoints2\{dfdfc172-6525-11e1-88ed-d0df9abf4704}\Shell\AutoRun\command - "" = F:\Startme.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.01.17 11:22:58 | 000,000,000 | ---D | C] -- C:\Users\grinsekathze\.thumbnails [2013.01.17 11:19:36 | 000,000,000 | ---D | C] -- C:\Users\grinsekathze\AppData\Local\fontconfig [2013.01.17 11:19:32 | 000,000,000 | ---D | C] -- C:\Users\grinsekathze\AppData\Local\gegl-0.2 [2013.01.17 11:19:32 | 000,000,000 | ---D | C] -- C:\Users\grinsekathze\.gimp-2.8 [2013.01.17 11:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2013.01.15 19:49:52 | 000,000,000 | ---D | C] -- C:\Users\grinsekathze\Desktop\OSTTIROL WICHTIG [2013.01.14 06:52:06 | 000,000,000 | ---D | C] -- C:\Users\grinsekathze\Desktop\ideen & upcycling [2013.01.11 08:34:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.01.10 15:05:33 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013.01.10 15:05:33 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013.01.10 15:05:11 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013.01.10 15:04:48 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013.01.09 16:05:28 | 000,000,000 | ---D | C] -- C:\Users\grinsekathze\AppData\Roaming\Funmoods [2013.01.09 16:04:11 | 000,000,000 | ---D | C] -- C:\Users\grinsekathze\AppData\Local\PutLockerDownloader [2013.01.09 16:03:44 | 000,000,000 | ---D | C] -- C:\Users\grinsekathze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com [2013.01.06 12:19:59 | 000,000,000 | ---D | C] -- C:\Users\grinsekathze\AppData\Roaming\iScreensaver [2013.01.05 14:36:47 | 000,000,000 | ---D | C] -- C:\Users\grinsekathze\AppData\Local\WinZip [2012.12.21 21:42:07 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012.12.21 21:42:07 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012.12.21 21:42:05 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012.12.21 21:42:05 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll ========== Files - Modified Within 30 Days ========== [2013.01.17 19:41:35 | 000,406,381 | ---- | M] () -- C:\Users\grinsekathze\Desktop\DSC_0005.JPG [2013.01.17 19:38:58 | 000,703,061 | ---- | M] () -- C:\Users\grinsekathze\Desktop\AP_A1_Umzugsservice.pdf [2013.01.17 12:51:27 | 000,670,791 | ---- | M] () -- C:\Users\grinsekathze\Desktop\DSC_0009.JPG [2013.01.17 12:51:20 | 000,564,667 | ---- | M] () -- C:\Users\grinsekathze\Desktop\DSC_0007.JPG [2013.01.17 12:51:17 | 000,661,282 | ---- | M] () -- C:\Users\grinsekathze\Desktop\DSC_0008.JPG [2013.01.17 11:43:04 | 000,000,924 | ---- | M] () -- C:\Users\grinsekathze\Desktop\GIMP 2.lnk [2013.01.17 11:42:54 | 000,275,565 | ---- | M] () -- C:\Users\grinsekathze\Desktop\DSC_0126.png [2013.01.17 11:42:54 | 000,002,118 | ---- | M] () -- C:\Users\grinsekathze\AppData\Local\recently-used.xbel [2013.01.17 11:37:45 | 000,000,485 | ---- | M] () -- C:\Windows\cdplayer.ini [2013.01.17 11:37:39 | 000,001,534 | ---- | M] () -- C:\ProgramData\ss.ini [2013.01.17 11:36:16 | 000,737,137 | ---- | M] () -- C:\Users\grinsekathze\Desktop\DSC_0126.xcf [2013.01.17 09:20:33 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.01.17 09:20:33 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.01.17 09:20:33 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.01.17 09:20:33 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.01.17 09:20:33 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.01.16 23:26:45 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.16 23:26:45 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.16 23:19:26 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini [2013.01.16 23:18:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.11 03:21:01 | 000,296,784 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.01.09 16:04:46 | 000,368,102 | ---- | M] () -- C:\Users\grinsekathze\AppData\Local\funmoods-speeddial_sf.crx [2013.01.09 16:04:46 | 000,031,465 | ---- | M] () -- C:\Users\grinsekathze\AppData\Local\funmoods.crx [2013.01.09 16:03:44 | 000,000,924 | ---- | M] () -- C:\Users\grinsekathze\Desktop\Movie2KDownloader.lnk [2012.12.20 08:29:39 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.12.20 08:29:16 | 000,701,576 | ---- | M] () -- C:\Users\grinsekathze\Desktop\Hochkar-Panoramakarte_DE.jpg [2012.12.19 23:03:42 | 000,843,391 | ---- | M] () -- C:\Users\grinsekathze\Desktop\BAGS Kollektivvertrag 2012.pdf [2012.12.19 13:39:53 | 000,279,411 | ---- | M] () -- C:\Users\grinsekathze\Desktop\Lebenslauf Kathrin Blumauer.pdf ========== Files Created - No Company Name ========== [2013.01.17 19:41:35 | 000,406,381 | ---- | C] () -- C:\Users\grinsekathze\Desktop\DSC_0005.JPG [2013.01.17 19:08:43 | 000,703,061 | ---- | C] () -- C:\Users\grinsekathze\Desktop\AP_A1_Umzugsservice.pdf [2013.01.17 12:51:06 | 000,670,791 | ---- | C] () -- C:\Users\grinsekathze\Desktop\DSC_0009.JPG [2013.01.17 12:51:06 | 000,564,667 | ---- | C] () -- C:\Users\grinsekathze\Desktop\DSC_0007.JPG [2013.01.17 12:51:05 | 000,661,282 | ---- | C] () -- C:\Users\grinsekathze\Desktop\DSC_0008.JPG [2013.01.17 11:42:54 | 000,002,118 | ---- | C] () -- C:\Users\grinsekathze\AppData\Local\recently-used.xbel [2013.01.17 11:42:52 | 000,275,565 | ---- | C] () -- C:\Users\grinsekathze\Desktop\DSC_0126.png [2013.01.17 11:34:52 | 000,737,137 | ---- | C] () -- C:\Users\grinsekathze\Desktop\DSC_0126.xcf [2013.01.17 11:19:25 | 000,000,924 | ---- | C] () -- C:\Users\grinsekathze\Desktop\GIMP 2.lnk [2013.01.17 11:15:17 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [2013.01.09 16:05:28 | 000,368,102 | ---- | C] () -- C:\Users\grinsekathze\AppData\Local\funmoods-speeddial_sf.crx [2013.01.09 16:05:26 | 000,031,465 | ---- | C] () -- C:\Users\grinsekathze\AppData\Local\funmoods.crx [2013.01.09 16:03:44 | 000,000,924 | ---- | C] () -- C:\Users\grinsekathze\Desktop\Movie2KDownloader.lnk [2013.01.06 12:19:50 | 006,658,246 | ---- | C] () -- C:\Users\grinsekathze\Desktop\gezeitenweltglobus.EXE [2012.12.20 08:29:09 | 000,701,576 | ---- | C] () -- C:\Users\grinsekathze\Desktop\Hochkar-Panoramakarte_DE.jpg [2012.12.19 23:03:42 | 000,843,391 | ---- | C] () -- C:\Users\grinsekathze\Desktop\BAGS Kollektivvertrag 2012.pdf [2012.12.19 13:39:48 | 000,279,411 | ---- | C] () -- C:\Users\grinsekathze\Desktop\Lebenslauf Kathrin Blumauer.pdf [2012.12.07 11:56:23 | 000,000,485 | ---- | C] () -- C:\Windows\cdplayer.ini [2012.12.07 11:32:59 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini [2012.02.25 21:59:17 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011.12.11 17:37:20 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.11.28 12:49:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.11.24 17:20:17 | 000,007,599 | ---- | C] () -- C:\Users\grinsekathze\AppData\Local\Resmon.ResmonCfg [2011.08.16 13:51:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.05.10 08:55:07 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.06.15 18:07:24 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\Freemium [2013.01.09 16:05:28 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\Funmoods [2013.01.06 12:19:59 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\iScreensaver [2011.11.24 14:58:03 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\Jens Lorek [2012.10.09 12:51:15 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\OpenCandy [2012.01.19 12:07:35 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\OpenOffice.org [2012.11.08 12:49:48 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\pdfforge [2012.01.19 11:57:55 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\SoftGrid Client [2012.03.03 13:31:55 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\Sony [2011.11.24 14:03:21 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\Synaptics [2011.12.03 18:06:17 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\T-Mobile [2011.12.11 17:38:34 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\TP [2012.10.09 13:41:27 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\TuneUp Software [2013.01.17 21:02:48 | 000,000,000 | ---D | M] -- C:\Users\grinsekathze\AppData\Roaming\uTorrent ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 17.01.2013 20:54:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\grinsekathze\Desktop\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
1,60 Gb Total Physical Memory | 0,27 Gb Available Physical Memory | 16,64% Memory free
3,21 Gb Paging File | 1,08 Gb Available in Paging File | 33,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282,84 Gb Total Space | 176,52 Gb Free Space | 62,41% Space Free | Partition Type: NTFS
Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS
Computer Name: GRINSEKATHZE-PC | User Name: grinsekathze | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-118737067-2683697216-1242472475-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13EEA3A6-E516-4194-A8CE-717DA7B76D75}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2268A202-11C0-49F9-9C95-759875048BDA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{539FF5B6-5F05-478D-8269-9BBE0D206530}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{540939FC-3ED2-4A9E-A670-847215014E2C}" = rport=139 | protocol=6 | dir=out | app=system |
"{561061A0-97E3-4C9C-9F0E-8F67AAE55EFA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6457E410-9D31-4B8B-A7D1-0F0ED27E3EF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6A350EE5-D3F7-4A45-B487-F165E12A15F2}" = lport=445 | protocol=6 | dir=in | app=system |
"{6CD84F12-28D6-4A94-B43E-C844C5ED8AA1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6F7B7847-2B6F-4717-8956-248F2BE83111}" = rport=445 | protocol=6 | dir=out | app=system |
"{801618EB-A544-4901-8103-15C9472A867E}" = lport=139 | protocol=6 | dir=in | app=system |
"{84050A94-2CFF-48DF-84B4-4DD06C822FF0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8992A69C-A922-4071-A185-DADBDDFDFDCE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{89BA3465-7CB5-426B-92C1-9EBF0A7D8550}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8FF5F538-755F-49B3-B4B4-B8F79B322488}" = lport=137 | protocol=17 | dir=in | app=system |
"{96AA3A6D-4BA5-4822-B9FE-510C6280B224}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A5A4C60C-8DF7-4C28-A661-EF49464E43C4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AB8FE59C-23B6-483C-AEBA-1DF54E48DA13}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C559004E-6364-446C-A1AA-69AAD8FD307E}" = rport=138 | protocol=17 | dir=out | app=system |
"{CB5ED033-54AD-4DAD-A55E-2D63CB825E37}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D130D9B6-774F-49ED-8BAB-A7CBF5D31E1D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D44AF393-0566-4F4A-B7FF-0053CE790234}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D488656A-AFD4-495C-967F-36381AB2E6BE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D52E1818-3EFF-4504-98F0-3DA6F7AA512E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ECAB0EFA-F12F-464F-84D8-F577D58DC191}" = lport=138 | protocol=17 | dir=in | app=system |
"{F473DAB7-4097-40D5-A95C-35C6DEE72B51}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{026440B1-F5E6-4CF8-A4A5-184550AF4840}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{03756458-D0EF-49D1-80FB-0BB566795FF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{079676D3-E9B1-4B9C-B328-48C8C26948CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1681DB2E-D50D-46D4-AB22-7F62312A7C22}" = protocol=17 | dir=in | app=c:\users\grinsekathze\appdata\local\temp\icreinstall\cnet2_caesar4_demo_en_exe.exe |
"{1C679E14-C62F-4D5D-99FC-605625A6616B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1EE95607-215E-4413-B499-7F11B3FCE57A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2630B676-75AC-4E86-A153-FD0D42AFFFCC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{368FD8D7-C361-4F9A-89D8-D7F3F89DC708}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{4677EF26-E74A-41D8-B816-6D8EDF883509}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{53A1595F-526E-4C05-BCE1-52A28B87B16E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{59D97E3A-C86A-466C-9D87-F17A80C6506A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5A966CD3-A561-471D-B945-9297A2C7EBCE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{627AFF59-12B3-4CB3-845A-0B312586CC40}" = protocol=6 | dir=out | app=system |
"{69BD1719-1FA8-478D-9CD4-8721E52D4425}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6DA3B3E1-8145-471C-AD72-4C1466029568}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7257FB07-DCF0-4F10-B8D7-F2902EEEFD8B}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{74C68BD7-7394-491B-A7DE-D6821A89FCEB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{80F24660-0A69-42FB-8681-BA9152D96DBC}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{84C85B64-9AA5-4FD1-923B-248089C83A06}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{9A9D6371-B611-43D0-9E62-7D1ECB85DCFC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A428ACA6-9BBD-48E7-B803-4FB5315D75A7}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{A5A0FD3C-FC9E-4504-AB4A-1F5260DAD400}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A5DC2E51-FA28-4A2C-BD6A-A0BA1D87D0E5}" = protocol=6 | dir=in | app=c:\users\grinsekathze\appdata\local\temp\icreinstall\cnet2_caesar4_demo_en_exe.exe |
"{B6CC1895-0E53-4C8C-BF8E-17F4D6B8F698}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BE6DBFC1-0CD2-428B-929F-2FEC4C560E2D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C29A2CB7-B77F-4F32-B2B9-4B66D5FE99B8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D07AF249-AD70-43C0-942A-62478836C5CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D1295660-6AFE-4BE0-B7A5-DC729CBAA2E7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D52E7DA4-91FF-4D8D-BEA4-49162CE7A3EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D9AD44F7-1DFE-410E-B0FB-82B5A0CE82A7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DFA2248A-76ED-482A-8181-28D4BFED8034}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F0FF9D22-6C06-46B8-AF2C-D15E1FBDFF87}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB087712-4227-4562-9932-61DC9DD65422}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{C929FC29-7BAE-455B-97C6-D5E9425949CC}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{DD914C7F-E884-4C32-9807-E27542C866CD}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{448AA499-95F4-4FCE-ADFF-02686BB4A52A}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{9266BB6F-CBB5-43AB-92FF-3988CAB6750A}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E6BEFE9-0AFF-C09F-24A8-AA1CB05869BF}" = WMV9/VC-1 Video Playback
"{76A7DF87-2F94-A068-96B1-D5A392B785E1}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EA86AD9-FB32-4B9E-BD56-3068F9B8031F}" = HP Wireless Assistant
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1250C3B-8953-8A3F-9FCF-D43BB6AE0051}" = AMD Fuel
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E04A3037-2F82-C518-D6CA-A63497D3872F}" = ATI Catalyst Install Manager
"GIMP-2_is1" = GIMP 2.8.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.4
"WinRAR archiver" = WinRAR 4.10 beta 2 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E73CF7-3B8E-49F6-B09C-3FB122B3938A}" = HP Software Framework
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{124DB96E-CBF5-44FB-AB59-7D2444DEC777}" = HP On Screen Display
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26C4E5F1-314C-F3DF-2294-3685BF5F9E05}" = CCC Help Czech
"{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}" = HP Documentation
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP 3.92
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57F1042D-1423-81C6-299B-C21FAB216F93}" = CCC Help Italian
"{6137C043-93EA-6769-90EA-01E87B041117}" = CCC Help Norwegian
"{6265A4F4-91FE-FFEC-1ECA-E5639B80ECB3}" = CCC Help French
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{657BD928-2C0B-7EFA-7740-DE8BC937FEF4}" = CCC Help Thai
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E30DB0-A342-F453-D14D-827B454A9E4A}" = CCC Help Swedish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6833708F-D07C-34AA-B195-698FA0C8879C}" = CCC Help Polish
"{687DB473-1A0F-5B1D-D0E0-A73258207AB2}" = ccc-core-static
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C92846D-67BA-5B17-38F4-E1318A0272B7}" = CCC Help Greek
"{6D437C07-418F-9E01-96EB-DC55F780A198}" = CCC Help Turkish
"{710E96D5-98A1-6732-8768-8F4ACCA520C1}" = CCC Help Portuguese
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9299A9E5-4A0F-C936-76BD-62BCBD38CC21}" = CCC Help English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9B04A7CC-F80E-72C6-8B9E-83A88A5B479B}" = CCC Help Japanese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F6A200F-90D7-F262-9639-16D640298E32}" = CCC Help Finnish
"{9FEFA8C2-80EB-4B7A-BDE0-E077D94C36C4}" = HP Support Assistant
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A37E63B7-29E5-CAF4-A81D-0A67946924E0}" = Catalyst Control Center Graphics Previews Common
"{A5449F23-80E8-04D2-EB41-7BE229CCB37B}" = Catalyst Control Center InstallProxy
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B97E3520-C726-475E-BC0C-7561952633AB}" = HP Power Manager
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C0838AAC-DF3E-5865-88D3-E43864E2B065}" = CCC Help Korean
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C257F891-7975-979B-3EDD-D3E74F1F583B}" = CCC Help Hungarian
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{CBD74B80-E1A2-08A1-69D9-DE37BFA265EF}" = CCC Help German
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA26698F-3E4F-FBAE-8219-5C3D3C1ECA92}" = CCC Help Spanish
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E13D5C1F-EA6D-E340-85A9-0EA7221F31E9}" = CCC Help Danish
"{E1D1E335-C6CE-C9A5-12B8-587D561E8B30}" = Catalyst Control Center Localization All
"{E3FE0FA5-D813-14AB-DE7B-594257E9550B}" = CCC Help Chinese Traditional
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E774EEC0-18E6-49C8-A271-07654C0A2047}" = Catalyst Control Center - Branding
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0C4AAC9-C7B6-59B3-789D-D2CA4E0CFCD1}" = CCC Help Dutch
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5468CFB-F146-12D8-913B-513145180028}" = CCC Help Russian
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA2509E9-7197-8FB8-B35E-090A4F81CA6A}" = CCC Help Chinese Standard
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"1ClickDownload" = Movie2KDownloader
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Mozilla Firefox 18.0 (x86 de)" = Mozilla Firefox 18.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 08.11.2012 09:08:00 | Computer Name = grinsekathze-pc | Source = MsiInstaller | ID = 10005
Description =
Error - 09.11.2012 06:12:45 | Computer Name = grinsekathze-pc | Source = WinMgmt | ID = 10
Description =
Error - 10.11.2012 05:54:51 | Computer Name = grinsekathze-pc | Source = WinMgmt | ID = 10
Description =
Error - 12.11.2012 09:20:01 | Computer Name = grinsekathze-pc | Source = WinMgmt | ID = 10
Description =
Error - 13.11.2012 06:27:03 | Computer Name = grinsekathze-pc | Source = WinMgmt | ID = 10
Description =
Error - 14.11.2012 02:55:02 | Computer Name = grinsekathze-pc | Source = WinMgmt | ID = 10
Description =
Error - 14.11.2012 05:14:04 | Computer Name = grinsekathze-pc | Source = WinMgmt | ID = 10
Description =
Error - 14.11.2012 16:16:41 | Computer Name = grinsekathze-pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 16.0.2.4680,
Zeitstempel: 0x50882871 Name des fehlerhaften Moduls: xul.dll, Version: 16.0.2.4680,
Zeitstempel: 0x508827d6 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00130ef7 ID des fehlerhaften
Prozesses: 0xe6c Startzeit der fehlerhaften Anwendung: 0x01cdc28333a79e11 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung:
332bf822-2e98-11e2-a968-101f745606e1
Error - 16.11.2012 05:27:46 | Computer Name = grinsekathze-pc | Source = WinMgmt | ID = 10
Description =
Error - 16.11.2012 08:14:18 | Computer Name = grinsekathze-pc | Source = WinMgmt | ID = 10
Description =
Error - 18.11.2012 05:57:53 | Computer Name = grinsekathze-pc | Source = WinMgmt | ID = 10
Description =
[ Hewlett-Packard Events ]
Error - 23.04.2012 09:12:15 | Computer Name = grinsekathze-pc | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041223031211.xml
File not created by asset agent
Error - 17.06.2012 06:12:04 | Computer Name = grinsekathze-pc | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061217121201.xml
File not created by asset agent
Error - 13.08.2012 04:43:58 | Computer Name = grinsekathze-pc | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081213104339.xml
File not created by asset agent
Error - 20.08.2012 01:38:55 | Computer Name = grinsekathze-pc | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081220073849.xml
File not created by asset agent
Error - 02.09.2012 12:36:35 | Computer Name = grinsekathze-pc | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091202063626.xml
File not created by asset agent
Error - 16.09.2012 12:35:19 | Computer Name = grinsekathze-pc | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091216063507.xml
File not created by asset agent
Error - 23.09.2012 12:24:17 | Computer Name = grinsekathze-pc | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091223062413.xml
File not created by asset agent
Error - 02.10.2012 07:31:02 | Computer Name = grinsekathze-pc | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101202013056.xml
File not created by asset agent
Error - 17.10.2012 05:33:01 | Computer Name = grinsekathze-pc | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101217113257.xml
File not created by asset agent
Error - 05.01.2013 07:34:23 | Computer Name = grinsekathze-pc | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011305123418.xml
File not created by asset agent
[ HP Wireless Assistant Events ]
Error - 24.11.2011 09:35:14 | Computer Name = grinsekathze-pc | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 24.11.2011 09:35:20 | Computer Name = grinsekathze-pc | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 24.11.2011 09:36:25 | Computer Name = grinsekathze-pc | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 24.11.2011 09:36:30 | Computer Name = grinsekathze-pc | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 24.11.2011 09:37:35 | Computer Name = grinsekathze-pc | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 24.11.2011 09:37:40 | Computer Name = grinsekathze-pc | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 15.12.2011 16:34:57 | Computer Name = grinsekathze-pc | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 10.02.2012 12:07:49 | Computer Name = grinsekathze-pc | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Starten des Servers fehlgeschlagen
(Ausnahme von HRESULT: 0x80080005 (CO_E_SERVER_EXEC_FAILURE)) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 20.08.2012 07:28:09 | Computer Name = grinsekathze-pc | Source = HP WA Application | ID = 0
Description = HardwareAccess.UnableToConnectException Application.ApplicationStartup;
failed to create hardware layer Fehler in der Anwendung. bei HardwareAccess.Hardware..ctor(Dispatcher
dispatcher, ServicePort port, Int32 timeout) bei HardwareAccess.Hardware.Create(Dispatcher
dispatcher, ServicePort port, Int32 timeout) bei HPWA_Main.App.ApplicationStartup(Object
sender, StartupEventArgs args)
Error - 20.08.2012 07:28:13 | Computer Name = grinsekathze-pc | Source = HP WA Application | ID = 0
Description = MainWindow.ShowImpl; not initialized, closing application...
[ System Events ]
Error - 16.01.2013 05:36:50 | Computer Name = grinsekathze-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 16.01.2013 05:37:01 | Computer Name = grinsekathze-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 16.01.2013 05:37:17 | Computer Name = grinsekathze-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 16.01.2013 05:37:17 | Computer Name = grinsekathze-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 16.01.2013 16:57:39 | Computer Name = grinsekathze-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 16.01.2013 18:19:03 | Computer Name = grinsekathze-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Media Center Extender-Dienst" ist vom Dienst "PnP-X-IP-Busenumerator"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 16.01.2013 18:19:03 | Computer Name = grinsekathze-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 16.01.2013 18:19:17 | Computer Name = grinsekathze-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 16.01.2013 18:19:34 | Computer Name = grinsekathze-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 16.01.2013 18:19:34 | Computer Name = grinsekathze-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
< End of report >
so..ich hoffe ich hab bis jetzt mal alles richtig gemacht. grüssleins kat |
| Themen zu browse to save virus |
| 1clickdownload, adobe reader xi, antivir, bonjour, browse to save, desktop, error, failed, firefox, flash player, freemium, icreinstall, install.exe, installation, launch, logfile, mozilla, msiexec.exe, msiinstaller, plug-in, problem, realtek, registry, scan, security, software, starten, starten des servers fehlgeschlagen (0x80080005), svchost.exe, windows |
Baum-Darstellung