Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: WinVista: Neuer Tab öffnet sich von alleine bei MFF (http://7.rotator.wigetmedia.com/...)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 09.09.2013, 17:27   #1
JasonFF
 
WinVista: Neuer Tab öffnet sich von alleine bei MFF (http://7.rotator.wigetmedia.com/...) - Standard

WinVista: Neuer Tab öffnet sich von alleine bei MFF (http://7.rotator.wigetmedia.com/...)



Seid kurzem öffnet sich ein neuer Tab von alleine, wenn ich meine Startseite (www.t-online.de) aufrufe. Dieser Tab kommt nach einiger Zeit aber erst. Die Seite wird von NoScript soweit blockiert, daß die Seite weiß bleibt und kein Inhalt angezeigt wird.
Habe Malwarebytes durchlaufen lassen und entsprechende Funde gestern gelöscht. Ein erneuter Scan ergab keine Funde mehr. Nachdem ich heute den PC gestartet habe und die Startseite öffnete, kann nach einigen Minuten aber wieder der neue Tab mit dieser ominösen Adresse.
Bekomme aber keinerlei Meldungen. (Norton, ect.)
Habe bereits im Board auch gesucht und mir OTL herunter geladen und nach Anleitung ausgeführt. Die beiden Dateien sind im Anhang.
Wenn zur Analyse bzw. Behebung des Problems weitere Infos benötigt werden, bin ich selbstverständlich bereit diese so gut wie möglich zu geben.
Hier die Logfile von OTL-Editor:
Code:
ATTFilter
OTL logfile created on: 09.09.2013 17:29:08 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jason\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,75 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 50,11% Memory free
5,71 Gb Paging File | 4,14 Gb Available in Paging File | 72,65% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 95,34 Gb Total Space | 24,26 Gb Free Space | 25,45% Space Free | Partition Type: NTFS
Drive D: | 3,91 Gb Total Space | 0,45 Gb Free Space | 11,60% Space Free | Partition Type: NTFS
Drive F: | 19,53 Gb Total Space | 3,79 Gb Free Space | 19,43% Space Free | Partition Type: NTFS
Drive G: | 14,65 Gb Total Space | 6,10 Gb Free Space | 41,62% Space Free | Partition Type: NTFS
Drive H: | 8,79 Gb Total Space | 4,77 Gb Free Space | 54,29% Space Free | Partition Type: NTFS
Drive M: | 698,64 Gb Total Space | 592,33 Gb Free Space | 84,78% Space Free | Partition Type: NTFS
 
Computer Name: JASONS-PC | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.09.09 17:25:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
PRC - [2013.09.08 14:48:26 | 003,045,688 | ---- | M] (Emsi Software GmbH) -- C:\Programme\a-squared Anti-Malware\a2service.exe
PRC - [2013.07.15 09:20:08 | 003,019,752 | ---- | M] () -- C:\Programme\GfK Internet-Monitor\GfK-Reporting.exe
PRC - [2013.07.15 09:20:06 | 001,376,232 | ---- | M] () -- C:\Programme\GfK Internet-Monitor\GfK-Updater.exe
PRC - [2013.07.15 09:09:47 | 003,300,328 | ---- | M] (GfK) -- C:\Programme\GfKLSPService\GfKLspService.exe
PRC - [2013.07.15 09:09:44 | 000,058,856 | ---- | M] () -- C:\Programme\GfKLSPService\GfK-WatchDog.exe
PRC - [2013.07.02 11:19:30 | 000,248,208 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2013.07.02 11:19:30 | 000,093,072 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013.06.30 10:57:08 | 008,518,656 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
PRC - [2013.06.27 10:02:13 | 000,128,000 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
PRC - [2013.05.21 06:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.01.31 11:01:06 | 000,865,056 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.12.31 18:38:24 | 000,542,344 | ---- | M] (Soluto) -- C:\Programme\Soluto\SolutoService.exe
PRC - [2012.12.31 18:38:24 | 000,167,048 | ---- | M] (Soluto) -- C:\Programme\Soluto\SolutoLauncherService.exe
PRC - [2012.12.31 18:38:22 | 001,229,448 | ---- | M] (Soluto) -- c:\Programme\Soluto\Soluto.exe
PRC - [2012.03.19 12:23:46 | 000,380,416 | ---- | M] () -- C:\Programme\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.03.03 20:39:40 | 002,598,760 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProTray.exe
PRC - [2010.03.03 20:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProSvc.exe
PRC - [2010.02.11 03:34:14 | 001,964,528 | ---- | M] (Symantec) -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe
PRC - [2009.04.11 15:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 15:18:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.09.26 10:53:56 | 002,999,664 | ---- | M] (Symantec Corporation) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE
PRC - [2002.10.10 14:10:00 | 001,484,800 | ---- | M] (Steganos GmbH) -- C:\Programme\Steganos Mail CleanUp\smc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.08.14 18:43:55 | 000,881,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d90e4a61ea36fd3825b96c804e485b5f\System.DirectoryServices.AccountManagement.ni.dll
MOD - [2013.08.14 18:43:54 | 000,656,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\fa8e4197074aee3eef3d509646d1fee6\PCGPostBootResources.ni.dll
MOD - [2013.08.14 18:43:54 | 000,052,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\e5658a6a0fbeb9a608638bfe64dc1a46\PCGHIDProbe.ni.dll
MOD - [2013.08.14 18:43:53 | 000,039,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\f44150e06210d53e7b2ef741c9a978a7\PCGRSPProbe.ni.dll
MOD - [2013.08.14 18:43:48 | 002,327,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\6c07f76ab73ce7b4dc02ccfec040ddc3\Community.CsharpSqlite.ni.dll
MOD - [2013.08.14 18:43:46 | 000,055,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\d2b4cb089742f60f78b88a45657a2b23\PCGUsersCenter.ni.dll
MOD - [2013.08.14 18:43:45 | 000,156,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\a1b58be83192ab18cbb59b63b454a348\PCGAppControlPluginLoader.ni.dll
MOD - [2013.08.14 18:43:44 | 003,521,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\f28b94880d32b7d0f9dc09afb39b8578\PCGClientCommon.ni.dll
MOD - [2013.08.14 18:43:39 | 000,157,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\b61347bbabfd37eb45d7b21023fead90\PCGBootVisualizingCommon.ni.dll
MOD - [2013.08.14 18:43:38 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\8baeee3d3c3bdf77b52d17c88f09273b\PCGDriverProbe.ni.dll
MOD - [2013.08.14 18:43:07 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\9b13c63ea8b113da4167c0beb4ba47db\PCGConfiguration.ni.dll
MOD - [2013.08.14 18:43:05 | 002,617,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDatabase\648f9ebb649bf3c031a90f015d57fef6\PCGDatabase.ni.dll
MOD - [2013.08.14 18:43:00 | 001,531,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\ea508eaf2b344d50506800952a056c9b\PCGAzureShared.ni.dll
MOD - [2013.08.14 18:43:00 | 000,048,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\aa237c20e5b6400aa04f2aef8f1772d8\PCGAzureEntityFramework.ni.dll
MOD - [2013.08.14 18:42:58 | 001,195,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGCommunication\38dd98ea8409ba85e407d8071d7ab196\PCGCommunication.ni.dll
MOD - [2013.08.14 18:42:55 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\81bc1b6d3841abd28046fe6c85aace2d\PCGPreCompiled.ni.dll
MOD - [2013.08.14 18:42:45 | 000,596,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\36bdd5973166173b1547256acbedb674\Ionic.Zip.Reduced.ni.dll
MOD - [2013.08.14 18:42:45 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\d1e6c32b171bcd4592c7bd48917b80b0\PCGPrestoSerializer.ni.dll
MOD - [2013.08.14 18:42:43 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll
MOD - [2013.08.14 18:42:38 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll
MOD - [2013.08.14 18:42:26 | 001,116,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ae531e6e51247607c26263c079d36a1f\System.DirectoryServices.ni.dll
MOD - [2013.08.14 18:42:23 | 002,128,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\73eac3ed5aa67cf361f5215b3f5225eb\Newtonsoft.Json.Net35.ni.dll
MOD - [2013.08.14 18:42:14 | 002,721,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGFramework\4356f5e3d4f901320896c44fb51c557f\PCGFramework.ni.dll
MOD - [2013.08.14 18:42:07 | 001,622,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Soluto\ced8d11b78585cfb23b1029ae724e6cf\Soluto.ni.exe
MOD - [2013.08.14 18:41:59 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b8e424ef545f262fd6cb9f35b97fc8b9\System.Configuration.ni.dll
MOD - [2013.08.14 18:31:34 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
MOD - [2013.08.14 18:31:14 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f575e4c534a93294c72fea670ca73492\System.Windows.Forms.ni.dll
MOD - [2013.08.14 18:31:02 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013.08.14 18:30:50 | 002,518,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\7cd02a9717d729922877b5abc2d1ef6d\System.Data.Linq.ni.dll
MOD - [2013.08.14 18:30:38 | 002,295,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\cfc7b22d4a9add9030b771860f86abba\System.Core.ni.dll
MOD - [2013.08.14 18:29:38 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013.07.15 09:09:44 | 000,058,856 | ---- | M] () -- C:\Programme\GfKLSPService\GfK-WatchDog.exe
MOD - [2013.07.11 16:49:48 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\fe73c0ce3b7f9f61db4b2f8453521a2d\PCGWuInfo.ni.dll
MOD - [2013.07.11 16:49:48 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\449c932b29b1df04449197f0693226a0\Interop.IWshRuntimeLibrary.ni.dll
MOD - [2013.07.11 16:43:39 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2012.12.31 18:28:40 | 000,077,880 | ---- | M] () -- c:\Programme\Soluto\PCGDllExportInspector.dll
MOD - [2012.07.22 10:19:32 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_de_b77a5c561934e089\System.Core.resources.dll
MOD - [2012.05.30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Programme\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
MOD - [2012.03.19 12:23:46 | 000,380,416 | ---- | M] () -- C:\Programme\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
MOD - [2012.03.18 12:10:52 | 008,499,712 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\QtGui4.dll
MOD - [2012.03.18 12:07:57 | 002,347,520 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\QtCore4.dll
MOD - [2012.03.18 12:07:57 | 000,200,704 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\imageformats\qjpeg4.dll
MOD - [2012.03.18 12:07:55 | 000,863,744 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\QtNetwork4.dll
MOD - [2012.03.18 12:07:54 | 000,026,624 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\imageformats\qgif4.dll
MOD - [2012.01.15 17:50:08 | 000,370,688 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\libsndfile.dll
MOD - [2012.01.15 17:50:00 | 000,390,656 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\lame_enc.dll
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.04.11 18:48:39 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.04.11 18:48:18 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.09.08 14:48:26 | 003,045,688 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Programme\a-squared Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2013.08.17 11:20:44 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.07.23 16:14:01 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.07.15 09:20:08 | 003,019,752 | ---- | M] () [Auto | Running] -- C:\Programme\GfK Internet-Monitor\GfK-Reporting.exe -- (GfK-Reporting-Service)
SRV - [2013.07.15 09:20:06 | 001,376,232 | ---- | M] () [Auto | Running] -- C:\Programme\GfK Internet-Monitor\GfK-Updater.exe -- (GfK-Update-Service)
SRV - [2013.07.15 09:09:47 | 003,300,328 | ---- | M] (GfK) [Auto | Running] -- C:\Programme\GfKLSPService\GfKLspService.exe -- (GfKLSPService)
SRV - [2013.07.02 11:19:30 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013.06.27 10:02:13 | 000,128,000 | ---- | M] (Yuna Software) [Auto | Running] -- C:\Programme\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe -- (MsgPlusService)
SRV - [2013.06.21 10:57:12 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.21 06:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013.01.03 13:42:57 | 001,259,448 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.12.31 18:38:24 | 000,542,344 | ---- | M] (Soluto) [Auto | Running] -- C:\Programme\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2012.12.31 18:38:24 | 000,167,048 | ---- | M] (Soluto) [Auto | Running] -- C:\Programme\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)
SRV - [2012.12.31 18:28:40 | 001,239,552 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\Programme\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.06.17 09:33:46 | 000,295,192 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.06.13 23:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.03 20:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Programme\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2010.02.12 08:09:06 | 001,574,408 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service)
SRV - [2010.02.11 03:34:14 | 001,964,528 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe -- (SymSnapService)
SRV - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008.01.29 16:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.25 16:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007.09.26 10:53:56 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007.09.26 10:53:56 | 000,554,352 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)
SRV - [2006.11.02 14:36:18 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys -- (cpuz136)
DRV - [2013.09.08 14:48:27 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Programme\a-squared Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2013.09.01 17:53:41 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130831.007\NAVEX15.SYS -- (NAVEX15)
DRV - [2013.09.01 17:53:41 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130831.007\NAVENG.SYS -- (NAVENG)
DRV - [2013.09.01 17:53:40 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013.09.01 17:53:40 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013.08.25 17:55:13 | 000,392,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130830.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013.06.19 17:06:51 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013.05.31 18:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013.05.23 07:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symefa.sys -- (SymEFA)
DRV - [2013.05.21 07:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symds.sys -- (SymDS)
DRV - [2013.05.16 07:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013.04.25 02:43:56 | 000,352,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symtdiv.sys -- (SYMTDIv)
DRV - [2013.04.16 04:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\ccsetx86.sys -- (ccSet_NIS)
DRV - [2013.03.05 04:14:18 | 000,036,512 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2013.03.05 03:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\ironx86.sys -- (SymIRON)
DRV - [2013.03.05 03:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2013.02.19 22:32:54 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.01.23 10:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2013.01.23 10:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2013.01.23 10:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2013.01.23 10:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012.12.31 18:28:24 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Soluto.sys -- (Soluto)
DRV - [2012.10.28 13:20:40 | 000,063,616 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmUStor.sys -- (AmUStor)
DRV - [2012.10.17 14:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.06.18 13:58:52 | 000,016,000 | ---- | M] (SysNucleus) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\udsstub.sys -- (udsstub)
DRV - [2012.05.19 04:02:38 | 000,236,392 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2012.01.27 15:44:34 | 000,050,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcdriver.sys -- (hcdriver)
DRV - [2011.09.02 08:31:28 | 000,081,304 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.09.02 08:30:58 | 000,065,048 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2011.09.02 08:30:58 | 000,022,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2011.08.15 23:34:56 | 000,108,544 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\MxEFUF32.sys -- (MxEFUF)
DRV - [2010.08.12 13:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010.03.03 20:59:22 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010.02.12 08:10:12 | 000,057,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GenericMount.sys -- (GenericMount)
DRV - [2010.02.11 03:34:46 | 000,138,592 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\System32\drivers\symsnap.sys -- (symsnap)
DRV - [2009.09.21 21:40:14 | 000,015,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV - [2009.07.29 17:21:35 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009.07.29 17:21:35 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2007.12.24 17:06:56 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2007.12.24 17:06:56 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750obex.sys -- (k750obex)
DRV - [2007.04.23 16:54:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\s115mgmt.sys -- (s115mgmt)
DRV - [2007.04.23 16:54:50 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\s115obex.sys -- (s115obex)
DRV - [2007.04.23 16:54:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007.04.23 16:54:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007.04.23 16:54:46 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\s115bus.sys -- (s115bus)
DRV - [2005.02.11 12:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://www.bing.com/search?q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7403}: "URL" = hxxp://www.searchqu.com/web?src=ieb&systemid=403&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 BB B5 1E 80 0F CE 01  [binary data]
IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"
FF - prefs.js..extension.gacela.network.proxy.autoconfig_url: ""
FF - prefs.js..extension.gacela.network.proxy.type: 5
FF - prefs.js..extensions.enabledAddons: DeviceDetection%40logitech.com:1.24.0.9
FF - prefs.js..extensions.enabledAddons: finder%40meingutscheincode.de:3.0.3
FF - prefs.js..extensions.enabledAddons: %7Bef4e370e-d9f0-4e00-b93e-a4f274cfdd5a%7D:1.4.9
FF - prefs.js..extensions.enabledAddons: fabtab%40captaincaveman.nl:1.5.2
FF - prefs.js..extensions.enabledAddons: fb_add_on%40avm.de:1.7.0
FF - prefs.js..extensions.enabledAddons: %7Bab91efd4-6975-4081-8552-1b3922ed79e2%7D:1.0.24.1
FF - prefs.js..extensions.enabledAddons: toolbar-ff%40payback.de:1.1.9.99
FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.3.4
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.7.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.12
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.0.380%20-%201
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.4.2.2
FF - prefs.js..extensions.enabledAddons: gacela2%40nurago.com:12.8.325
FF - prefs.js..extensions.enabledAddons: %7B080955ad-b8bb-4500-806f-d2b9ad73d72e%7D:2.0.19
FF - prefs.js..extensions.enabledItems: {fd795510-ca0d-42fa-a52c-29073bfdd019}:1.0
FF - prefs.js..extensions.enabledItems: fabtab@captaincaveman.nl:1.3.5
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.2b
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.21.0.11
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: gacela2@nurago.com:11.1.3012
FF - prefs.js..extensions.enabledItems: {080955ad-b8bb-4500-806f-d2b9ad73d72e}:1.8.71
FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q="
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 4001
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 4001
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 4001
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 4001
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 4001
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Adobe\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=12: C:\Program Files\Google\Google Updater\2.2.1273.1045\npCIDetect12.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Adobe\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Adobe\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gacela2@nurago.com: C:\Program Files\GfK Internet-Monitor File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ [2013.09.09 16:45:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\ [2012.09.23 11:20:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.08.17 11:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.08.17 11:20:36 | 000,000,000 | ---D | M]
 
[2013.09.08 20:49:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Extensions
[2011.06.23 17:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.07.09 11:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2012.07.22 10:39:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions
[2012.07.22 10:39:53 | 000,000,000 | ---D | M] (CS Lite) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{00084897-021a-4361-8423-083407a033e0}
[2012.07.22 10:39:54 | 000,000,000 | ---D | M] ("Walnut2 for Firefox") -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{080955ad-b8bb-4500-806f-d2b9ad73d72e}
[2012.07.22 10:39:54 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.07.22 10:39:54 | 000,000,000 | ---D | M] (JonDoFox) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{437be45a-4114-11dd-b9ab-71d256d89593}
[2012.07.22 10:39:54 | 000,000,000 | ---D | M] ("Walnut for Firefox") -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
[2012.07.22 10:39:54 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2012.07.22 10:39:54 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.07.22 10:39:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.07.22 10:39:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012.07.22 10:39:55 | 000,000,000 | ---D | M] (ProfileSwitcher) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}
[2013.08.30 16:54:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions
[2013.08.30 16:54:30 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2013.04.16 22:32:45 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2013.08.28 18:01:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.07.26 18:16:29 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions\DeviceDetection@logitech.com
[2013.04.13 11:27:11 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions\fb_add_on@avm.de
[2013.03.15 18:25:16 | 000,085,870 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\fabtab@captaincaveman.nl.xpi
[2011.09.21 23:29:39 | 000,105,020 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\finder@meingutscheincode.de.xpi
[2013.07.29 19:02:27 | 000,128,837 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\toolbar-ff@payback.de.xpi
[2013.07.26 20:51:46 | 000,791,540 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\{080955ad-b8bb-4500-806f-d2b9ad73d72e}.xpi
[2013.08.16 18:08:12 | 000,216,989 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2013.08.16 18:08:12 | 000,534,203 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.07.31 16:27:11 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.19 19:15:32 | 000,685,671 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2010.10.31 22:36:06 | 000,001,820 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\searchplugins\bing.xml
[2013.02.10 16:55:18 | 000,006,350 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\searchplugins\Google.xml
[2010.10.28 10:41:06 | 000,005,529 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\searchplugins\SearchquWebSearch.xml
[2013.08.17 11:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.08.17 11:20:44 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.09.09 17:11:40 | 000,000,000 | ---D | M] (GfK Internet-Monitor) -- C:\PROGRAM FILES\GFK INTERNET-MONITOR
[2013.09.09 16:45:09 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\COFFPLGN
[2012.09.23 11:20:01 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPLGN
[2012.11.12 12:41:04 | 000,171,136 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012.02.21 21:10:41 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2010.10.28 10:41:06 | 000,005,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml
 
O1 HOSTS File: ([2008.05.19 06:21:44 | 000,000,936 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (GfK Internet-Monitor) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Programme\GfK Internet-Monitor\Gacela2.dll (GfK)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - Reg Error: Value error. File not found
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4 - HKLM..\Run: [emsisoftantimalwaresetup] "C:\Users\Jason\AppData\Local\Temp\EmsisoftAntiMalwareSetup.exe" File not found
O4 - HKLM..\Run: [GfK-WatchDog] C:\Program Files\GfKLSPService\GfK-WatchDog.exe ()
O4 - HKLM..\Run: [MessengerPlusForSkypeService] C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software)
O4 - HKLM..\Run: [Norton Ghost 15.0] C:\Program Files\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [Philips Device Listener] C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe ()
O4 - HKLM..\Run: [Steganos Mail CleanUp] C:\Programme\Steganos Mail CleanUp\smc.exe (Steganos GmbH)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-443034713-400772608-3178615674-1000..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 1
O7 - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 1
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Über GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Programme\GfK Internet-Monitor\Gacela2.dll (GfK)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.3.1/jinstall-1_3_1_18-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.3.1/jinstall-1_3_1_18-windows-i586.cab (Java Plug-in 1.3.1_18)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8709F6B5-991A-4601-B282-DB03719DDE64}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\AutorunsDisabled\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\AutorunsDisabled - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\program files\soluto\soluto.exe /userinit) - c:\program files\soluto\soluto.exe (Soluto)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - M:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.09.09 17:24:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2013.09.09 16:49:23 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{A5463E9A-1550-4D05-A01B-8FFBEAC446D2}
[2013.09.08 22:14:22 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{2AE681DB-4104-401C-9784-0389B6B314DA}
[2013.09.08 20:12:47 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.09.08 14:35:54 | 000,000,000 | ---D | C] -- C:\Program Files\a-squared Anti-Malware
[2013.09.08 09:50:39 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{4768073C-8667-4A2B-AB61-60BBF59BF1B5}
[2013.09.06 20:09:26 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{2AF0AACD-B9C7-4AFB-94A9-A9EEE7FF3C15}
[2013.09.05 17:58:10 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{632A169A-F29C-4A73-86CF-3FB48FDCAB23}
[2013.09.04 17:16:05 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{DDF9E339-6F36-4082-985F-6AAC1D3C40F3}
[2013.09.04 16:25:42 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{EF511A59-0139-4303-BD31-1729083342DC}
[2013.09.03 16:15:48 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{35B1EEB3-69A5-4ECF-A956-05AE2C502DEF}
[2013.09.02 17:15:06 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{E9643870-C1CD-4159-8615-B4CFAA7706AE}
[2013.09.01 06:52:36 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{56ADC089-93C1-4F78-9686-24FF7E3C89CD}
[2013.08.31 12:49:44 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{FE5B15D5-756F-4B37-AF31-BEA346DB1DBD}
[2013.08.30 16:52:07 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{9D088991-8B45-482A-ADCF-AD69751F522E}
[2013.08.29 16:37:33 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{C9E876EC-5A22-46F1-A70F-1EF6F2651057}
[2013.08.28 17:43:51 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{164EDBDF-CFDB-407E-97F8-334591DBE13A}
[2013.08.27 16:25:30 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{0C26A062-86FE-416A-A112-AC3D2A5151EF}
[2013.08.26 16:19:34 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{5F6C2172-54AB-4597-AF81-56B8F301850A}
[2013.08.25 09:16:11 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{EC2B211A-C192-4BD6-A577-C5C9D9686828}
[2013.08.24 08:18:35 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{B1232010-2295-459D-9A36-069D9F4F2C4A}
[2013.08.23 19:47:46 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{47BDFB76-5866-4665-9E5F-AE95664103FB}
[2013.08.22 18:36:08 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{F8B9F227-284C-49F9-A172-8E9F55064AE5}
[2013.08.21 17:54:13 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{9A1D15BA-3CBC-4BF9-8B14-9234AB964499}
[2013.08.20 17:35:02 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{5E3CEBF8-4C07-49B9-A271-9F345648F668}
[2013.08.19 16:20:30 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{CB8B2F8E-AC18-4B09-84FB-5E4336B8FB8D}
[2013.08.18 13:19:34 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{FA4D205C-34B6-4489-BB3A-7D442AD8A080}
[2013.08.17 11:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.08.17 09:38:47 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{1E44B08C-677F-467F-93FE-78531D7685CE}
[2013.08.16 17:28:55 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{C1E36A50-D7F3-4332-A1AB-394DA26F6A2A}
[2013.08.15 16:16:25 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{666A392E-1D21-4F69-9F17-6BA49D92D789}
[2013.08.14 17:46:08 | 000,000,000 | --SD | C] -- C:\Users\Jason\Documents\Eigene Datenquellen
[2013.08.14 16:50:32 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{357D64AB-19E9-4F5C-94C2-FF6227F9A19F}
[2013.08.13 17:16:56 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{A4AEA838-CEFF-4393-B8A3-603857DDC91F}
[2013.08.12 16:19:17 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{DCCFC563-6D16-472B-BFB5-860CEA288386}
[2013.08.11 20:46:44 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013.08.11 12:41:49 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{29D2F977-56B7-4063-A6FB-C17A05E62C12}
 
========== Files - Modified Within 30 Days ==========
 
[2013.09.09 17:25:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2013.09.09 16:41:12 | 000,006,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.09 16:41:12 | 000,006,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.09 16:41:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.08 20:12:48 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.09.01 17:51:03 | 000,628,668 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.09.01 17:51:03 | 000,596,036 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.09.01 17:51:03 | 000,126,474 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.09.01 17:51:03 | 000,104,110 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.08.11 20:46:45 | 000,001,069 | ---- | M] () -- C:\Users\Jason\Desktop\Revo Uninstaller.lnk
 
========== Files Created - No Company Name ==========
 
[2013.09.08 20:12:48 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.08.14 16:53:43 | 000,001,940 | ---- | C] () -- C:\Users\Jason\Desktop\TomTom HOME 2.lnk
[2013.01.31 21:07:48 | 000,164,371 | ---- | C] () -- C:\Windows\hpoins19.dat
[2013.01.31 21:07:27 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2013.01.14 19:11:05 | 000,002,824 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2012.11.25 15:48:39 | 000,006,656 | ---- | C] () -- C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.19 22:53:36 | 000,809,491 | ---- | C] () -- C:\Windows\System32\avcodec-52.84.800.dll
[2012.11.19 22:53:36 | 000,159,251 | ---- | C] () -- C:\Windows\System32\swscale-0.11.800.dll
[2012.11.19 22:53:36 | 000,087,040 | ---- | C] () -- C:\Windows\System32\avformat-52.74.800.dll
[2012.11.19 22:53:36 | 000,070,675 | ---- | C] () -- C:\Windows\System32\avutil-50.22.800.dll
[2012.09.23 19:57:34 | 000,000,306 | RHS- | C] () -- C:\Users\Jason\ntuser.pol
[2012.09.05 17:53:34 | 000,000,680 | ---- | C] () -- C:\Users\Jason\AppData\Local\d3d9caps.dat
[2012.07.22 11:19:50 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012.07.22 10:49:00 | 000,150,996 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.06.20 18:15:42 | 000,159,251 | ---- | C] () -- C:\Windows\System32\swscale-0.11.0.dll
[2012.06.20 18:15:42 | 000,085,504 | ---- | C] () -- C:\Windows\System32\avformat-52.68.0.dll
[2012.06.20 18:15:42 | 000,070,163 | ---- | C] () -- C:\Windows\System32\avutil-50.19.0.dll
[2012.06.20 18:15:41 | 000,798,739 | ---- | C] () -- C:\Windows\System32\avcodec-52.77.0.dll
[2012.04.30 11:44:02 | 000,003,848 | ---- | C] () -- C:\Windows\System32\GfKLSPService.ini
[2012.04.30 11:44:02 | 000,002,640 | ---- | C] () -- C:\Windows\System32\GacelaLSPServiceOff.ini
[2012.03.10 18:28:26 | 000,000,026 | ---- | C] () -- C:\Windows\VideoPlayer.INI
[2012.02.26 11:03:13 | 000,808,979 | ---- | C] () -- C:\Windows\System32\avcodec-52.84.0.dll
[2012.02.26 11:03:13 | 000,323,584 | ---- | C] () -- C:\Windows\System32\Deinterlace.dll
[2012.02.26 11:03:13 | 000,159,251 | ---- | C] () -- C:\Windows\System32\swscale-0.11.1.dll
[2012.02.26 11:03:13 | 000,086,528 | ---- | C] () -- C:\Windows\System32\avformat-52.74.0.dll
[2012.02.26 11:03:13 | 000,070,675 | ---- | C] () -- C:\Windows\System32\avutil-50.22.0.dll
[2012.02.26 11:03:13 | 000,049,152 | ---- | C] () -- C:\Windows\System32\avcore-0.16.1.dll
[2009.11.08 06:09:20 | 000,000,695 | -H-- | C] () -- C:\Users\Jason\AppData\Roaming\vispa.ini
[2009.01.10 05:33:28 | 000,558,930 | ---- | C] () -- C:\Users\Jason\jap.conf
[2008.12.27 23:26:43 | 000,000,066 | ---- | C] () -- C:\Program Files\Common Files\nuhsoftwareuninstall.url
[2008.11.02 06:19:21 | 000,000,105 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\default.pls
[2008.08.09 21:53:02 | 000,001,024 | ---- | C] () -- C:\Users\Jason\.rnd
[2008.04.18 17:39:54 | 000,021,497 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\UserTile.png
[2007.10.17 03:35:56 | 004,112,384 | ---- | C] () -- C:\Users\Jason\s-1-5-21-443034713-400772608-3178615674-1000.rrr
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 15:18:30 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 15:18:20 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.07.22 10:39:45 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\AD ON Multimedia
[2012.07.22 10:39:47 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ASCOMP Software
[2012.07.26 18:45:51 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Dropbox
[2012.07.22 10:39:47 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\EmTec
[2012.07.22 10:39:47 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\HD Tune Pro
[2013.04.16 22:27:57 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Image Zone Express
[2012.07.22 10:39:47 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\JonDo
[2012.07.22 10:39:49 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Leadertech
[2012.07.22 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Nokia
[2012.07.22 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Nokia Ovi Suite
[2012.07.22 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Nokia Suite
[2012.07.22 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\PC Suite
[2008.07.03 18:22:19 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\PeerNetworking
[2012.07.22 10:39:59 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Philips
[2012.07.22 10:39:59 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Philips-Songbird
[2012.07.22 10:39:59 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Printer Info Cache
[2012.07.22 10:39:59 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Registry Mechanic
[2009.06.07 16:58:41 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Skinux
[2013.05.17 17:49:10 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Soluto
[2012.07.22 10:40:00 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Teleca
[2012.07.22 10:40:00 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Thunderbird
[2012.07.22 10:40:01 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Tific
[2013.03.31 00:27:10 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\TomTom
[2012.07.22 10:40:01 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Tracker Software
[2012.07.22 10:40:01 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 

< End of report >
         
Hier die Logfile von Extra-Editor:
Code:
ATTFilter
OTL Extras logfile created on: 09.09.2013 17:29:08 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jason\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,75 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 50,11% Memory free
5,71 Gb Paging File | 4,14 Gb Available in Paging File | 72,65% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 95,34 Gb Total Space | 24,26 Gb Free Space | 25,45% Space Free | Partition Type: NTFS
Drive D: | 3,91 Gb Total Space | 0,45 Gb Free Space | 11,60% Space Free | Partition Type: NTFS
Drive F: | 19,53 Gb Total Space | 3,79 Gb Free Space | 19,43% Space Free | Partition Type: NTFS
Drive G: | 14,65 Gb Total Space | 6,10 Gb Free Space | 41,62% Space Free | Partition Type: NTFS
Drive H: | 8,79 Gb Total Space | 4,77 Gb Free Space | 54,29% Space Free | Partition Type: NTFS
Drive M: | 698,64 Gb Total Space | 592,33 Gb Free Space | 84,78% Space Free | Partition Type: NTFS
 
Computer Name: JASONS-PC | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{997ED1BE-4C3C-4CB4-AAC8-901FA95269CF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{D5B2CC4E-03E6-498D-911A-2F3868514292}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{D90402A5-0471-4A06-9D69-24B1FB70A9A3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{FACCEB3F-252B-42CA-8069-7503BA1BB7F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01DBF97B-D8C2-45C5-BF5B-52AF4FB001C1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{0587D3F5-114E-400F-B226-B20686116C8E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{05A3DBDD-8135-450D-A095-F00497673B3C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{07AA31DB-EF6D-426A-8B58-6C8C23FADE87}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{099DD2CF-7CD2-4F23-B37E-758834654A1F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{0AEC1A8B-3F0E-4397-A474-AF6319AEF571}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{0D0DFDEF-29C4-4A12-A593-7AA5313C1233}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{10D8AB5D-6ECA-4C89-8DEB-05EB77F46A7C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{1156991B-6D9E-47C8-B9F3-2AE0CCCAA9BC}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{16427F8F-B069-4E96-AB9D-2266EF787471}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe | 
"{1B063951-51CE-497C-BED3-F4BF65B19635}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{1BF41E8E-30CA-4F58-A62A-0BEE3F8D4562}" = protocol=17 | dir=in | app=c:\users\jason\downloads\solutoinstaller.exe | 
"{1F067085-5616-474F-B373-542636407717}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{1F2183E2-E5C2-4070-9262-7C036336091D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{23247463-22CC-47A7-AAB6-0D06A08F6DBF}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe | 
"{246BB364-2752-4F4D-9287-5AB56587B128}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{271DC402-1B4E-4E16-A3CD-65F6C720B073}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\temp\update_1f7e.exe | 
"{2B020DDE-1280-4A14-802D-7EE3B412A54E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{2BE72E88-FEB4-49FE-90C8-C3F9B714A2F7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{2CAEB86A-862F-46BE-BDA4-AAA53CAFD7C0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{31933A0C-73EE-44F5-AD76-E01C15E311B7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{3304C447-E83A-4DEE-9D53-909E14A8AC03}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{34C19A7D-5B67-40CA-84B7-53A1AD0593B5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{3A355D68-809D-4DCA-AC52-33F7F3F2D63D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{43CB977A-40E5-4522-8F37-4758E357C2FF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{446A215A-F0F4-497A-A22B-1B4C8EADA9BC}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{44AE3187-8255-487E-9073-3162ED0C7213}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\temp\update_1f7e.exe | 
"{470C0A5E-1887-4FB7-9C3A-8356083C5A18}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{498C0924-157E-42EE-A1F4-B85C553EFCA3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{4C02E324-EAED-450B-8191-FA3945F2831E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{5155C6FD-86A5-40FE-A1F7-044E45446AF5}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\temp\7zs4090\hpdiagnosticcoreui.exe | 
"{53A2DCFB-CDAD-4B34-83A2-C6A8702DF54D}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\temp\7zs3536\hpdiagnosticcoreui.exe | 
"{57AB9ECD-76A2-4802-A80B-B4906EDBD5E0}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe | 
"{587C83E0-CA9E-4CE6-931D-B9A21B7225ED}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{5942A0E1-F816-4AA3-91EC-3F84F8AC2DA7}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{5B19F699-E4A4-41F2-B369-5C8BBD69362B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{5F8F9EC2-DB93-4A2F-AAEF-511D5055D019}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{6D761036-EAFE-413C-B096-3F0234E2A164}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{6E2A35B1-63C4-4B52-BEB2-0DF23B79D037}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{72DA4170-4574-4779-BCDD-A57B654BA845}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{745897DB-B0B8-4170-B912-F1111FBF64F2}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe | 
"{8124007F-F210-4901-B4A4-6827B99636E0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{82124BC8-DD71-4B36-ACD3-96A5CD8E006E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{83E1B52E-165A-4FB5-8C7D-4CFBD9F77A4E}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\temp\7zs8279.tmp\symnrt.exe | 
"{8B156F3F-7EF4-4EC0-A1B2-6B0A50EC28F3}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{8CBD8680-9BD3-4150-9629-48554CDD483D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{8DC04F92-729A-43C2-BA9F-930440D790BF}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\temp\7zs5705.tmp\symnrt.exe | 
"{8F39C948-D53E-4461-B68D-955051B73995}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{8FDBDBE5-8FAC-453E-89A4-2BC7899181EC}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe | 
"{901717ED-72D1-47B7-9FF1-9B176AE8297B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{91AD8529-B191-477B-8251-9CD329458FC1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{93256BEA-7A9B-458D-B427-E795072B3897}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{9402C0B6-FEA4-4D2E-9C99-17823B3692B9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{94A5882E-3A99-40E1-BDB7-CC2E2213380C}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe | 
"{94DC1A3A-B357-447D-8C23-1C6289A52018}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{97DCB488-1CCB-4F25-8C08-C68C78313CB2}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{99BAD563-65CF-42CD-8AB4-2F2B66CE0E29}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A2C5B0EA-DD47-4E38-94F0-3DDDBEBE9901}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe | 
"{A5FA43F9-69D7-48CD-9E54-43EF9C146ED4}" = protocol=6 | dir=in | app=c:\users\jason\appdata\roaming\dropbox\bin\dropbox.exe | 
"{A756DF65-7A18-4D91-B5D6-F76B6CA93C2C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{A7DCC2E2-F243-4FF5-A0DC-B49DEB0C6489}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{AE4C1A99-EBDC-481C-B01E-B59A5D0F8509}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B22AF27A-BF9A-4FD4-8BA7-8204C48A85DA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B30D00E9-F0D9-4996-9F24-B807EA869F47}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B4E047DD-EAB1-4E8F-BB24-CB63D1F89848}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\temp\7zs5705.tmp\symnrt.exe | 
"{B587A7A3-6116-48E5-8D06-B4B7FBE96936}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{BCCF7D91-6475-455C-A32A-214ABFD3CD11}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{BE2FCE45-CFF4-485D-A963-9AEE70852E6C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{C48BE8D3-F09B-43A1-ACFA-9A6631A30CCD}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{C6D7DDF0-578A-486F-B3BE-B989FFA77E7B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{C798FCE0-0A95-414F-A41B-58411CF4D5F3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{C8439CA3-19A2-4420-A779-D689AAA6121B}" = protocol=17 | dir=in | app=c:\users\jason\downloads\solutoinstaller-jy47gopi25.exe | 
"{C85D5039-CAA9-4352-8F8F-E5CFD2D2B63A}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\temp\7zs4090\hpdiagnosticcoreui.exe | 
"{CBA0A374-A005-4384-8A85-692686C24A32}" = protocol=17 | dir=in | app=c:\users\jason\appdata\roaming\dropbox\bin\dropbox.exe | 
"{CC6848F4-3A90-440F-B5A4-57EE31B6965A}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe | 
"{CCC4B3A1-8BF9-4CDB-8932-1F64AA46F88D}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\temp\7zs3536\hpdiagnosticcoreui.exe | 
"{CE6CD336-1CDB-4B88-9913-01589CC56303}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{CEC9CAB4-AF67-4FF4-A14A-8D9BC129FC14}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe | 
"{CF764163-2377-4463-8F84-1D0466CBF29B}" = protocol=6 | dir=in | app=c:\users\jason\downloads\solutoinstaller-jy47gopi25.exe | 
"{D2F80B6E-41D0-457B-A2E3-B64E9BC59225}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\temp\7zs8279.tmp\symnrt.exe | 
"{D31DBA9A-4C38-4698-A753-B74CBEC13ECF}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{D3A5DB8B-0502-4C97-AF7F-CC196A7D4C48}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{D52F7CB9-6E01-4E69-BB3D-2CF4E9E081E2}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe | 
"{D974CAD4-70B0-435D-BCA9-9CB5FD0D3679}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{DE9964D0-AA96-48D9-A257-FEE6D39CC9B8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{E17B8103-B8EC-4125-89C9-B9175E683DD6}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{E8213107-3D3A-4CA0-80E2-5BE74EA416EE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{EC04DEC9-E870-4912-85A3-BAD14DD98364}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F0E54C5D-4F6F-4387-98AF-3A039666E456}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{F331216E-43A7-482C-9D72-1D5F00AF50F4}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{F3F5D08F-113D-4FD4-9B65-05FF2AC324E0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{F40A3545-1C09-4AD8-A598-2C4CF748D0AD}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{F4B9CDEC-1ED9-4B5A-9E24-0F4EBE6AEBFB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{F7B825DC-D383-427D-A776-24336C618041}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{F8CA3509-DE27-411C-AF8A-FCD4C0898A51}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F92C0F4A-725B-4459-A512-5E675EED5DC4}" = protocol=6 | dir=in | app=c:\users\jason\downloads\solutoinstaller.exe | 
"{FAACEB9F-890F-4047-8E8A-AE85C1B4311B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{FB3FB88A-802A-4BE4-AB82-D213BD241DB4}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{FF67B586-4CA8-40FD-A6E2-A7906105B459}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{FF753CF8-9937-4E2A-835C-0028B798FB6B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"TCP Query User{034C10EF-2766-4B8B-800C-D8897D91721E}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
"TCP Query User{0778932F-2E24-41A2-AF18-5E3ECA0345A6}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{0C2CF881-DB45-4F18-A1D7-FE847ED49279}C:\program files\windows live\contacts\wlcomm.exe" = protocol=6 | dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"TCP Query User{67999E21-6894-4F44-A843-3E036DC39198}C:\users\jason\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe | 
"TCP Query User{7DB37AF3-42FB-430E-A7F9-6CC8855D563E}C:\program files\videoviewer\videoviewer.exe" = protocol=6 | dir=in | app=c:\program files\videoviewer\videoviewer.exe | 
"TCP Query User{8090D974-C2A5-41ED-B817-ADB194757B2B}G:\programme\emule\emule0.50a\emule.exe" = protocol=6 | dir=in | app=g:\programme\emule\emule0.50a\emule.exe | 
"TCP Query User{922BC696-7504-468B-A784-F0FB5FF65F8C}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{9D4DCED0-1786-402B-9293-F85462FE9CA1}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{C9F1C477-E7D0-4927-91FE-3A95AEB0D7B9}G:\programme\emule\emule0.49c\emule.exe" = protocol=6 | dir=in | app=g:\programme\emule\emule0.49c\emule.exe | 
"TCP Query User{E91B4352-AEA9-4B54-A5F8-C432F9F1FCDD}G:\programme\emule\emule0.49c\emule.exe" = protocol=6 | dir=in | app=g:\programme\emule\emule0.49c\emule.exe | 
"UDP Query User{2227EC30-B6CC-4691-8933-2BC3B4EBFCEA}C:\program files\windows live\contacts\wlcomm.exe" = protocol=17 | dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"UDP Query User{2796D7D7-E22B-4090-A9DB-9668CB915441}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{3B2A8B12-8BD2-4ABD-8497-17C5046F7C11}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{3C4AEDB6-C6F0-4200-A1B3-7CD5BA124984}C:\users\jason\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe | 
"UDP Query User{46856D72-3EA3-457B-A759-2E0CBBD81CB6}G:\programme\emule\emule0.49c\emule.exe" = protocol=17 | dir=in | app=g:\programme\emule\emule0.49c\emule.exe | 
"UDP Query User{8CCD6F3D-1DF1-4467-891C-F2916BFFC4CC}G:\programme\emule\emule0.49c\emule.exe" = protocol=17 | dir=in | app=g:\programme\emule\emule0.49c\emule.exe | 
"UDP Query User{94F0AA9B-07D7-4147-B087-E282EEF1D922}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{9ECE6E30-CE75-4C79-9789-B511DE1462C0}G:\programme\emule\emule0.50a\emule.exe" = protocol=17 | dir=in | app=g:\programme\emule\emule0.50a\emule.exe | 
"UDP Query User{A0CFBE1B-A1CC-4A1C-B1E7-CA22E00FFB58}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
"UDP Query User{EFA92DEC-9D32-4A16-A349-A64ECD4A5B1D}C:\program files\videoviewer\videoviewer.exe" = protocol=17 | dir=in | app=c:\program files\videoviewer\videoviewer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C808377-8C23-44ED-9016-05F42E6D4900}" = Nokia Suite
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15F02176-0D12-4FAF-B2CD-2767C7781427}" = Google SketchUp 8
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.24
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{68249B78-B714-11D7-88E8-0050DA21757E}" = Java 2 Runtime Environment Standard Edition 1.3.1_18
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{731318C8-FF6A-4D07-9615-B7D2A9D5052C}_is1" = Filerid3 Systemtuning
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{8121C79E-CAF0-478B-BE3B-1D88E8B30DB3}" = Steganos Mail CleanUp 5.1.10
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{879F7C80-BCA3-4A11-BDB1-658252ECD7E0}" = HP Product Detection
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{99072AB4-D795-44D5-9D65-E3C9F8322C97}" = TomTom HOME
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0255743-165B-4BD5-8DA8-37DFB9930015}" = Norton Ghost
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 307.74
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile-Gerätecenter: Treiberupdate
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1568757-E564-4cb5-8980-9333119A4384}" = F300
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9BC6655-79F8-4632-A343-E8F2CD70551A}" = Soluto
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0)
"39992AD7-103F-4308-8BB7-3F65F543604D" = GfK Internet-Monitor
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Cat Licking Screen Cleaner Screensaver" = Cat Licking Screen Cleaner Screensaver
"ClearProg" = ClearProg 1.6.1 Beta 6
"FLIQLO" = FLIQLO Screen Saver
"Futaba VFD control program V2.3" = Futaba VFD control program V2.3
"Google Updater" = Google Updater
"HD Tune_is1" = HD Tune 2.55
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"Internet keyboard driver_is1" = Internet keyboard driver 2.0
"JonDoUninstall" = JonDo
"Licking Dog Screen Clean Screensaver" = Licking Dog Screen Clean Screensaver
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"MailBell" = MailBell
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Matrix Code Emulator_is1" = Matrix Code Emulator 1.50
"Messenger Plus! for Skype" = Messenger Plus! for Skype
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 23.0.1 (x86 de)" = Mozilla Firefox 23.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"Nokia Suite" = Nokia Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Philips Songbird" = Philips Songbird
"PolarClock3" = PolarClock3 Screen Saver
"Registry Mechanic_is1" = Registry Mechanic 7.0
"Revo Uninstaller" = Revo Uninstaller 1.95
"SP6" = Logitech SetPoint 6.32
"SystemRequirementsLab" = System Requirements Lab
"Video Viewer" = Video Viewer
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.9.4
"xp-AntiSpy" = xp-AntiSpy 3.98-2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe ConnectNow Add-in" = Adobe ConnectNow Add-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.09.2013 16:36:16 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = 
 
Error - 08.09.2013 16:40:11 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = 
 
Error - 08.09.2013 16:55:34 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = 
 
Error - 08.09.2013 16:59:26 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = 
 
Error - 09.09.2013 10:47:34 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = 
 
Error - 09.09.2013 11:00:18 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = 
 
Error - 09.09.2013 11:11:43 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = 
 
Error - 09.09.2013 11:23:45 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = 
 
Error - 09.09.2013 11:27:58 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = 
 
Error - 09.09.2013 11:32:20 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = 
 
[ Media Center Events ]
Error - 17.04.2008 22:02:30 | Computer Name = Jason´s-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
 gescheitert.
 
[ OSession Events ]
Error - 30.10.2011 15:24:28 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 06.11.2011 11:48:34 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 06.11.2011 15:26:55 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 02.12.2011 16:11:22 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 22.12.2011 18:43:10 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 22.12.2011 18:43:15 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 27.12.2011 12:09:20 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 30.12.2011 18:47:52 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 02.01.2012 06:41:04 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 02.05.2012 16:02:49 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 09.09.2013 11:41:25 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 09.09.2013 11:41:35 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 09.09.2013 11:41:45 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 09.09.2013 11:41:55 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 09.09.2013 11:42:05 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 09.09.2013 11:42:15 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 09.09.2013 11:42:25 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 09.09.2013 11:42:25 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 09.09.2013 11:42:35 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 09.09.2013 11:42:35 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description = 
 
 
< End of report >
         
P.S. Sorry habe es so im Board gelesen, daß diese gezippt werden sollen.
MfG.

Geändert von JasonFF (09.09.2013 um 18:13 Uhr)

 

Themen zu WinVista: Neuer Tab öffnet sich von alleine bei MFF (http://7.rotator.wigetmedia.com/...)
32 bit, adblock, adobe reader xi, analyse, angezeigt, anleitung, application/pdf:, askbar, benötigt, blockiert, board, dateien, funde, geladen, gestartet, gesuch, gesucht, helper.exe, heute, infos, inhalt, install.exe, malwarebytes, microsoft fix it, minute, minuten, neuer, norton, officejet, plug-in, scan, seite, sketchup, startseite, tab, tracker, öffnet




Ähnliche Themen: WinVista: Neuer Tab öffnet sich von alleine bei MFF (http://7.rotator.wigetmedia.com/...)


  1. Watch4 öffnet sich von alleine
    Plagegeister aller Art und deren Bekämpfung - 04.11.2015 (7)
  2. Chrome öffnet sich von alleine und öffnet dann Popup Fenster
    Log-Analyse und Auswertung - 08.03.2015 (11)
  3. Inernet öffnet sich von alleine + Tabs öffnen sich mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 08.12.2014 (27)
  4. Webseite http://www.98uj8.de/s3brsn5ba66mgfzeinrum#noad öffnet sich von alleine
    Log-Analyse und Auswertung - 06.08.2014 (9)
  5. Windows 7 Home Premium SP1 - Probleme mit Tabs die sich von alleine Öffnen mit http://srv123.com/ads-clicktrack/
    Log-Analyse und Auswertung - 12.06.2014 (11)
  6. IE öffnet sich von alleine.
    Log-Analyse und Auswertung - 30.12.2010 (1)
  7. IE öffnet sich alleine/Werbung
    Log-Analyse und Auswertung - 14.11.2010 (18)
  8. Firefox Tab öffnet sich von alleine
    Mülltonne - 29.08.2010 (4)
  9. IE öffnet sich ungefagt, laute Musik startet von alleine und Wave stellt sich auf minimal.
    Plagegeister aller Art und deren Bekämpfung - 27.07.2010 (5)
  10. Firefox öffnet sich von alleine
    Plagegeister aller Art und deren Bekämpfung - 17.05.2010 (1)
  11. Internet Explorer öffnet sich von alleine!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2010 (4)
  12. IE Explorer öffnet sich von alleine
    Log-Analyse und Auswertung - 18.08.2009 (1)
  13. IE öffnet sich ständig von alleine
    Plagegeister aller Art und deren Bekämpfung - 11.02.2009 (3)
  14. Explorer öffnet sich von alleine
    Log-Analyse und Auswertung - 14.11.2008 (0)
  15. Internetexplorer öffnet sich von alleine mit Werbefenster
    Log-Analyse und Auswertung - 09.08.2007 (5)
  16. Internetexploer öffnet sich von alleine
    Log-Analyse und Auswertung - 03.12.2006 (1)
  17. Mozilla öffnet werbeseiten oder öffnet sich komplett von alleine
    Log-Analyse und Auswertung - 25.10.2005 (2)

Zum Thema WinVista: Neuer Tab öffnet sich von alleine bei MFF (http://7.rotator.wigetmedia.com/...) - Seid kurzem öffnet sich ein neuer Tab von alleine, wenn ich meine Startseite (www.t-online.de) aufrufe. Dieser Tab kommt nach einiger Zeit aber erst. Die Seite wird von NoScript soweit blockiert, - WinVista: Neuer Tab öffnet sich von alleine bei MFF (http://7.rotator.wigetmedia.com/...)...
Archiv
Du betrachtest: WinVista: Neuer Tab öffnet sich von alleine bei MFF (http://7.rotator.wigetmedia.com/...) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.