
Log analysis and evaluation: TR/kazy.mekml.1... what now?


 
24.04.2011, 22:34   #1
ebnerjulian
 



Hello

As of today I am also a victim of the TR/kazy.mekml.1 virus.
The following messages are displayed to me:
- Critical error
- Hard disk error RAM memory. Usage is critically high
- WTR Loader has stopped working. The program is not running correctly due to a problem

My screen is black and my files are gone.

I know that I have to do something with OTL. And also something with Malwarebytes.

I am downloading both programs right now and will upload the result later.

I hope that someone can, and will, help me!

Thanks in advance.

Best regards

OTL.Txt: OTL Logfile:
Code:
OTL logfile created on: 24.04.2011 18:13:23 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Jul\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,76 Gb Total Space | 222,00 Gb Free Space | 49,80% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,43 Gb Free Space | 42,19% Space Free | Partition Type: FAT32
Drive H: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: JUL-PC | User Name: Jul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jul\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Safari\Safari.exe (Apple Inc.)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\Programme\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe ()
PRC - C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe ()
PRC - C:\Programme\HomeCinema\TV Enhance\TVEService.exe (CyberLink Corp.)
PRC - C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\HomeCinema\PlayMovie\PMVService.exe (CyberLink Corp.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
PRC - C:\Programme\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)
PRC - C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\CCU\CCU_Engine.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
PRC - C:\Programme\AOL 9.0 VR\shellmon.exe (AOL, LLC.)
PRC - C:\Programme\AOL 9.0 VR\waol.exe (AOL, LLC.)
PRC - C:\Programme\Medion\MEDIONbox\Program\GCS.exe (Empolis GmbH)
PRC - c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
PRC - C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe (NewSoft Technology Corporation)
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
PRC - C:\Programme\Common Files\aol\1283960543\ee\aolsoftware.exe (America Online, Inc.)
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Jul\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_a35e6b9.dll ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (sdCoreService) -- C:\Programme\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (TVECapSvc) TVEnhance Background Capture Service (TBCS) -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe ()
SRV - (TVESched) TVEnhance Task Scheduler (TTS)) -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (srvcPVR) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
SRV - (AlertService) Intel(R) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
SRV - (QualityManager) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe (Intel(R) Corporation)
SRV - (Remote UI Service) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
SRV - (MCLServiceATL) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
SRV - (DHTRACE) Intel(R) -- C:\Programme\Common Files\Intel\IntelDH\bin\DHTraceController.exe (Intel(R) Corporation)
SRV - (ISSM) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel(R) Corporation)
SRV - (NMSCore) Intel(R) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel(R) Corporation)
SRV - (M1 Server) Intel(R) Viiv(TM) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (GnabService) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (cmuda3) -- C:\Windows\System32\drivers\cmudax3.sys (C-Media Inc)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (IKSysFlt) -- C:\Windows\System32\drivers\iksysflt.sys (PCTools Research Pty Ltd.)
DRV - (IKSysSec) -- C:\Windows\System32\drivers\iksyssec.sys (PCTools Research Pty Ltd.)
DRV - (IKFileSec) -- C:\Windows\system32\drivers\ikfilesec.sys (PCTools Research Pty Ltd.)
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\HomeCinema\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- C:\Programme\HomeCinema\PowerDVD\000.fcl (Cyberlink Corp.)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (NXP Semiconductors Germany GmbH)
DRV - (nmwcd) -- C:\Windows\System32\drivers\nmwcd.sys (Nokia)
DRV - (nmwcdcm) -- C:\Windows\System32\drivers\nmwcdcm.sys (Nokia)
DRV - (nmwcdcj) -- C:\Windows\System32\drivers\nmwcdcj.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\nmwcdc.sys (Nokia)
DRV - (TSHWMDTCP) -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (ATWPKT2) -- C:\Windows\System32\drivers\atwpkt2.sys (America Online)
DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (ssm_mdm) -- C:\Windows\System32\drivers\ssm_mdm.sys (MCCI)
DRV - (ssm_mdfl) -- C:\Windows\System32\drivers\ssm_mdfl.sys (MCCI)
DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\Windows\System32\drivers\ssm_bus.sys (MCCI)
DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\Windows\System32\drivers\k750bus.sys (MCCI)
DRV - (PLCNDIS5) -- C:\Windows\system32\plcndis5.sys (Intellon, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2008.12.03 17:31:42 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.05.13 17:03:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.20 20:20:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.20 20:20:04 | 000,000,000 | ---D | M]
 
[2008.12.15 19:59:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jul\AppData\Roaming\mozilla\Extensions
[2011.04.06 17:56:15 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions
[2011.03.14 21:06:56 | 000,000,000 | -H-D | M] (4shared.com Community Toolbar) -- C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
[2009.09.06 23:16:26 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.06 17:56:15 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.10.20 23:04:37 | 000,000,687 | -H-- | M] () -- C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\riy2si8a.default\searchplugins\icq-search.xml
[2010.05.12 17:40:48 | 000,001,042 | -H-- | M] () -- C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\riy2si8a.default\searchplugins\icqplugin.xml
[2009.10.16 19:58:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.10.16 19:58:04 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.02.13 23:04:47 | 000,000,000 | ---D | M] (Google Settings) -- C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
[2010.05.13 17:03:25 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2009.10.16 19:58:04 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2009.05.18 20:53:06 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008.03.15 15:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008.03.15 15:56:14 | 000,002,642 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008.02.19 16:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006.12.03 17:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2006.11.17 13:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1             localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\Toolbar\WebBrowser: (4shared.com Toolbar) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [CmPCIaudio]  File not found
O4 - HKLM..\Run: [HostManager] C:\Programme\Common Files\aol\1283960543\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [MbWzdFPAP-EXL600] C:\Windows\System32\FPAP-EXL600\PdtGuide.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\HomeCinema\PlayMovie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Smart Start UP] C:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe (NewSoft Technology Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [TVBroadcast] C:\Programme\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)
O4 - HKLM..\Run: [TVEService] C:\Program Files\HomeCinema\TV Enhance\TVEService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1003..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [AOL Fast Start] C:\Program Files\AOL 9.0 VR\AOL.EXE (AOL, LLC.)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [BullGuard]  File not found
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [iCEyocHtffAu] C:\ProgramData\iCEyocHtffAu.exe (WinTrust)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [ICQ]  File not found
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10n_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Corinna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Rosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O7 - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Expression\Web 2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O15 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.02.25 18:24:44 | 000,000,051 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{01f840bf-0512-11df-8f2f-00038a000015}\Shell\AutoRun\command - "" = I:\Toshiba\more4you.exe
O33 - MountPoints2\{59e6760c-208d-11df-be5f-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{59e6760c-208d-11df-be5f-00038a000015}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{aa309178-3c79-11dd-a610-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{aa309178-3c79-11dd-a610-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.24 18:08:46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Jul\Desktop\OTL.exe
[2011.04.24 13:40:33 | 000,561,152 | -H-- | C] (WinTrust) -- C:\ProgramData\iCEyocHtffAu.exe
[2011.04.06 17:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4
[2011.04.06 17:54:53 | 000,000,000 | -H-D | C] -- C:\Programme\ICQ7.4
[2011.03.31 22:27:10 | 000,000,000 | -H-D | C] -- C:\Users\Jul\Documents\Scan
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.24 18:16:25 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CD1B3597-4C0C-4D08-9F51-0F173C582342}.job
[2011.04.24 18:16:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{47C1E221-C7DE-40D0-96AB-3746F272C08F}.job
[2011.04.24 18:16:00 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{26483060-BB5D-4773-B9D7-3792D767E93B}.job
[2011.04.24 18:15:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5F328BB6-0C6F-4CEA-BEC1-7B12CEE774C3}.job
[2011.04.24 18:15:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{58B3859E-B0CD-454C-ADAA-8C4A9CF77A18}.job
[2011.04.24 18:14:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.24 18:09:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jul\Desktop\OTL.exe
[2011.04.24 18:04:02 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 18:04:02 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 14:14:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.24 14:11:37 | 000,000,554 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Jul.job
[2011.04.24 14:10:13 | 000,618,272 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.24 14:10:12 | 000,651,112 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.24 14:10:12 | 000,120,908 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.24 14:10:12 | 000,107,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.24 14:03:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.24 14:03:51 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.24 13:40:32 | 000,561,152 | -H-- | M] (WinTrust) -- C:\ProgramData\iCEyocHtffAu.exe
[2011.04.06 17:56:19 | 000,001,613 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.04.03 21:13:55 | 000,013,312 | -H-- | M] () -- C:\Users\Jul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.31 22:27:09 | 000,143,382 | -H-- | M] () -- C:\Users\Jul\Documents\Scan.zip
 
========== Files Created - No Company Name ==========
 
[2011.04.06 17:56:19 | 000,001,613 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.03.31 22:27:04 | 000,143,382 | -H-- | C] () -- C:\Users\Jul\Documents\Scan.zip
[2011.02.26 13:50:39 | 000,557,056 | ---- | C] () -- C:\Windows\System32\Cmeaupci.exe
[2011.02.26 13:50:39 | 000,000,126 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2011.02.26 13:49:36 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2011.02.26 13:49:36 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2011.02.26 13:49:36 | 000,000,731 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2011.02.26 13:49:34 | 000,001,509 | ---- | C] () -- C:\Windows\cmudax3.ini
[2010.05.13 16:58:01 | 000,177,037 | ---- | C] () -- C:\Windows\hpoins44.dat.temp
[2010.05.13 16:58:01 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp
[2010.05.13 16:09:48 | 000,176,868 | ---- | C] () -- C:\Windows\hpoins44.dat
[2010.05.13 16:09:48 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2009.09.03 23:34:14 | 000,000,769 | ---- | C] () -- C:\Windows\Thps3.INI
[2009.07.18 12:29:31 | 000,002,892 | -H-- | C] () -- C:\Windows\System32\audcon.sys
[2009.05.18 20:49:17 | 000,106,496 | ---- | C] () -- C:\Windows\System32\jacob.dll
[2009.03.13 18:39:10 | 000,000,331 | ---- | C] () -- C:\Windows\doom3.ini
[2008.05.22 23:43:53 | 000,007,592 | -H-- | C] () -- C:\Users\Jul\AppData\Local\d3d9caps.dat
[2008.02.24 21:06:21 | 000,005,980 | -H-- | C] () -- C:\Users\Jul\AppData\Roaming\wklnhst.dat
[2008.02.01 18:24:33 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.02.01 18:24:33 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.01.24 20:57:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008.01.24 20:16:35 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini
[2008.01.14 19:44:57 | 000,013,312 | -H-- | C] () -- C:\Users\Jul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.12 20:09:03 | 000,026,934 | -H-- | C] () -- C:\Users\Jul\AppData\Roaming\UserTile.png
[2008.01.12 19:55:46 | 002,729,472 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll
[2008.01.02 00:17:17 | 000,000,012 | ---- | C] () -- C:\Windows\msoffice.ini
[2008.01.01 23:16:49 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007.12.26 19:08:28 | 000,000,091 | -H-- | C] () -- C:\Users\Jul\AppData\Local\fusioncache.dat
[2007.12.25 00:15:08 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2007.12.25 00:15:08 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2007.10.22 13:57:20 | 000,000,381 | ---- | C] () -- C:\Windows\WISO.INI
[2007.10.22 13:49:01 | 000,299,008 | ---- | C] () -- C:\Windows\System32\midas.dll
[2007.10.22 13:49:01 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll
[2007.10.15 18:38:03 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.10.15 16:45:53 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.10.15 16:45:52 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.10.09 23:26:24 | 000,009,824 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2007.10.09 17:05:23 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2007.01.30 07:03:40 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2006.12.12 18:24:42 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2006.12.11 06:06:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.11.02 17:33:31 | 000,651,112 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,120,908 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,395,160 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,618,272 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,107,416 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 12:25:25 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscld.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.06.23 10:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
 
========== LOP Check ==========
 
[2008.11.16 16:39:03 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\BullGuard
[2010.11.20 19:04:48 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\ICQ
[2008.01.15 14:31:34 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\ICQ Toolbar
[2010.02.16 12:49:35 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\Nvu
[2008.05.16 16:51:37 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\Samsung
[2008.01.06 18:08:46 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\Template
[2010.09.08 19:34:28 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\gtk-2.0
[2010.05.13 17:18:58 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\ICQ
[2008.02.13 22:56:44 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\ICQ Toolbar
[2009.02.19 12:30:55 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\MAGIX
[2010.02.10 23:17:06 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\Nvu
[2008.01.24 20:58:04 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\Samsung
[2009.07.18 12:33:14 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\Steinberg
[2009.07.12 22:41:37 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\Template
[2009.03.05 18:15:25 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\Ulead Systems
[2008.03.16 17:17:33 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\BullGuard
[2011.03.21 16:43:12 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\gtk-2.0
[2011.04.18 10:38:13 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\ICQ
[2008.01.09 22:49:36 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\ICQ Toolbar
[2010.02.10 23:22:17 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Nvu
[2010.09.11 14:20:15 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Opera
[2008.01.24 20:58:18 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Samsung
[2009.07.18 17:52:22 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Steinberg
[2008.02.24 21:06:23 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Template
[2009.01.19 22:02:25 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Ulead Systems
[2011.04.04 00:24:44 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\xVideoServiceThief
[2008.02.17 13:35:49 | 000,000,000 | ---D | M] -- C:\Users\Rosi\AppData\Roaming\BullGuard
[2010.09.13 23:25:00 | 000,000,000 | ---D | M] -- C:\Users\Rosi\AppData\Roaming\ICQ
[2009.01.05 20:04:01 | 000,000,000 | ---D | M] -- C:\Users\Rosi\AppData\Roaming\ICQ Toolbar
[2008.12.29 23:27:55 | 000,000,000 | ---D | M] -- C:\Users\Rosi\AppData\Roaming\Template
[2011.04.24 14:01:44 | 000,032,524 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.04.24 18:16:00 | 000,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{26483060-BB5D-4773-B9D7-3792D767E93B}.job
[2011.04.24 18:16:00 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{47C1E221-C7DE-40D0-96AB-3746F272C08F}.job
[2011.04.24 18:15:00 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{58B3859E-B0CD-454C-ADAA-8C4A9CF77A18}.job
[2011.04.24 18:15:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5F328BB6-0C6F-4CEA-BEC1-7B12CEE774C3}.job
[2011.04.24 18:16:25 | 000,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CD1B3597-4C0C-4D08-9F51-0F173C582342}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:DFC5A2B2
 
< End of report >
         
--- --- ---


Extras.Txt:OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 24.04.2011 18:13:23 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Jul\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,76 Gb Total Space | 222,00 Gb Free Space | 49,80% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,43 Gb Free Space | 42,19% Space Free | Partition Type: FAT32
Drive H: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: JUL-PC | User Name: Jul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1810138987-815365629-1342971551-1006]
"EnableNotificationsRef" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{061876AE-05F6-43FF-98E9-772D4AFEF612}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{092E27A7-9E96-40F8-A330-2D619E7E9E4E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{09A0479D-6FEC-44EC-AE35-A11F3555DF76}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery | 
"{19138A50-3D2E-40E1-A406-014697211086}" = rport=137 | protocol=17 | dir=out | app=system | 
"{1974588B-8AFA-4FDE-9EDF-E0036AF2BECD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{1D9ADB4D-F57E-42A3-A7FF-BBD61E59CB79}" = lport=137 | protocol=17 | dir=in | app=system | 
"{2BA21373-FC2F-4D6F-94DE-F9A49131E305}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{2C40B50B-B1DC-4845-B172-F4ABA97321BA}" = lport=49543 | protocol=6 | dir=in | name=akamai netsession interface | 
"{3DF07E6F-4C89-4413-9F4F-D987ED5E53B5}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{598AC904-425C-4229-887F-C9D1F21F9CD8}" = rport=139 | protocol=6 | dir=out | app=system | 
"{629C15BE-D5A9-45A9-B80E-561033AEC865}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{6738A3AC-F04B-48F5-94A8-6A8C92E302B3}" = rport=445 | protocol=6 | dir=out | app=system | 
"{769EEBF4-D87F-40D9-AB62-F6416984AC0B}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery | 
"{86B19325-CF39-4782-996A-419CA64E2B4A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{8AE16B31-3337-4455-BB29-5B533BA533D8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{A58590DE-04CE-48BF-A054-F29D87DA79E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A7397908-F5EF-4AD1-9EC1-595B5FE23249}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AE8B0ACE-5FC4-46CC-9FC6-47AA064392B1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C848FBE8-D1C0-4152-9289-7F094AA58346}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{E1C73454-69C3-426D-8C7F-6B023599CF51}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C9B02B-165E-4C42-AAAB-34EDA0D353C2}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1283960543\ee\aolsoftware.exe | 
"{02726EF0-DCF8-4A6B-9551-9BA58ADE13FF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{0359B82E-D1D9-4AB9-BB9A-017D8225D5A0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{04C23F63-1C82-4C9A-83AD-3F12F37539EC}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe | 
"{05AFD4A2-963D-451D-A7FE-8E9C421CCBDE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{06263D40-99C6-4502-BC8F-B98B97072FAD}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{09B5590D-FA2F-4FF0-A0D7-B9C4D218F932}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1199227107\ee\aolsoftware.exe | 
"{0E4F2913-904F-407F-B3BF-E5C43AACAFAE}" = dir=in | app=c:\program files\homecinema\tv enhance\tvenhance.exe | 
"{11A0AE7E-F2EB-42C8-9D13-DC2C76618033}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe | 
"{13AD2E8B-1AD6-47CD-975D-FB6A7EF6B8B1}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe | 
"{195F93DE-BBE8-4756-A2A3-4DF4DB153BA7}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{1C1E9ECE-6E31-4F30-96B0-BE2BCD9E3A2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{1CFE2270-DC09-46D3-B661-08B949E3352D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{22B96055-B5D2-41F8-8FEC-391F79BE9213}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{2313D8FC-F1F2-43E0-93BD-600F159B5E1D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{2947DE48-795B-48C9-A914-78E31D96136D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{2A16498A-4CFA-4B02-BC13-7BCD4E67AFDA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{2CBBB755-6909-44CD-9D83-DD18F58C6273}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{3B9BDEE3-49F7-4B20-B0E1-E1499C4855AF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{4110B60D-0312-4F2B-AD09-4DA6FC65FE3C}" = protocol=17 | dir=in | app=c:\program files\aol\rc\regclient.exe | 
"{453B86B8-298D-4C14-9422-337F42884F41}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4AD3F761-D1D6-4EC8-B75A-AE79C1858339}" = dir=in | app=c:\program files\homecinema\makedisc\makedisc.exe | 
"{4C5B94E9-4DAD-437B-AB4F-948FF2BA67F1}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{4E77E32E-6155-4576-AD8A-508B04220544}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{50B81A09-440B-404F-9BA9-D143C697CFCC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{51355676-F387-4D39-8500-8260093964C1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{528773B3-F9C5-42B3-B101-E0447E3CD334}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{575BA7B1-F6E7-45C4-B49F-49940156B44E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{59D17B7C-86DE-4A75-92B2-18C4D37D07D0}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{613465AA-AF70-467A-9E10-ABDD058B9C98}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{618F5129-AA2B-48F3-B864-6FFDF951CEA0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{637BD92C-FCC8-4C09-9BAD-64609DED2250}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{63BC5E33-5FE6-4B6D-B96D-52AA148FACFE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{64DCE4E0-BE06-4BB5-8602-7760B09F65F3}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe | 
"{6BEC0D4C-61EF-44C4-9A57-4E569F4BA5E3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{6DE75101-630C-4066-AB31-F676ED26AF4D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{795AC540-ACCD-4341-AB37-CEF6699E82D8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{7BAA2145-29CA-49A4-A4F0-26DB51BFB4F6}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{7CD61BFE-B7B5-4252-840F-F7F31D78E18F}" = dir=in | app=c:\program files\homecinema\tv enhance\tveservice.exe | 
"{7CFAFB60-4CD9-4CFE-8287-35E9C8E9E1FC}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{7D3CF706-04B0-4A39-84FC-3B34E4017780}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe | 
"{7E3C645A-902F-4EA5-9F09-2A70382F352F}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{7F53B737-6CD2-435F-BCB0-8E343FAB5D17}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{82FF91E8-6377-4E84-BED5-9AFD7081284F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{842AA906-A72E-429F-81CD-E2DE06FABEC5}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{85A16C38-C5D5-47AA-A368-12D9EABC9234}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{872DEFB5-77A7-4416-A450-0C39E3FCC07B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{894BE63D-D367-44D0-B781-7BE5DE6AC00A}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{8C3A2F39-6BD0-4F38-8D75-F4A7B37A01D4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9935C6BA-B50F-478F-9FBA-765885DACCDA}" = dir=in | app=c:\program files\homecinema\playmovie\pmvservice.exe | 
"{A020BE76-947B-440A-8880-6ACE8A684839}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{A583552E-DCC4-4E83-881F-9FF11D3FEB38}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{AA783ACC-1F2B-4F37-805B-F5727FA53639}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{B0CF87FA-C5B1-459D-BDC1-2810A3D75733}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | 
"{B0F2B2C0-29E4-4155-8686-3E7517A2543A}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe | 
"{BFE36425-4FDE-480F-B5E0-1C8019E25F6A}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{C3FDF79B-983F-427F-B5DA-362F944D48C3}" = protocol=6 | dir=in | app=c:\program files\aol\rc\regclient.exe | 
"{C577DA8B-B8E5-436A-B59C-D129558EBB27}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{C65DC158-8FE8-4F8B-86D5-2020A2C31875}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{C7A83825-64A2-44EC-825F-17B9DCBC097C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{CA85A4BC-B064-4111-A334-A800B324C754}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{CCFE1990-C505-4FE1-9DEE-338733D97B9F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{CE10E806-E8A5-44D7-8B53-CD2C6FF3AB6C}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{CFD722CC-BC7C-44E9-98C4-F7089509AEA2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{D23463CD-60A1-4A06-819B-3DD5B6E51A0E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D383F04C-5757-4FE6-90E7-B48D22CB8919}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe | 
"{D6246DB2-9FB5-42DB-BC14-AF2F22204913}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{D68276C4-DFA9-4E0A-89C9-B521258A15BB}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{D71EDDB6-6845-4AC5-931B-D64D16E01AEC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{DA6FB018-C7AE-42F4-95C3-A91DE5AB2891}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1199227107\ee\aolsoftware.exe | 
"{DE87C0C7-64B4-44CD-B6F4-B968BC5F69B5}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{E3BA5825-7070-49D5-B3D6-EE570135145B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1283960543\ee\aolsoftware.exe | 
"{E6A1DB04-E31B-49CA-9C73-E505382FC76F}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{EA812654-BDD9-4CF6-86A6-2CC85198121D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{EC31400D-1AB6-4B6D-9195-562000A1CA12}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{ED63D35F-A766-45DA-B55F-0D8055DA390A}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{EEA107A4-79EB-4B51-899B-817312E77C7F}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe | 
"{EFDFAF21-5768-46D8-AC9F-988CF2E07F19}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{F3986AE9-2C21-4547-A868-16627E9D072D}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{F7B8EA57-C17F-4737-9A3A-18D8D005868C}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{FAE57EDA-E71F-4905-976F-FF8091FB39CD}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe | 
"{FB768641-55FC-4FAF-9D9C-CBFD9E74F821}" = dir=in | app=c:\program files\homecinema\playmovie\playmovie.exe | 
"{FB9C064B-A3FF-4344-849A-6553B4B24386}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{FE87A4D1-DF76-4A03-A68D-B1715D734D9E}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe | 
"TCP Query User{28625131-7EB6-4227-8203-E3765783D41C}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{3CF874B8-3D81-45AF-825F-7CBFCD5502B7}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"TCP Query User{468751E5-EB1E-42F0-9273-3C74CA527FE5}C:\program files\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=6 | dir=in | app=c:\program files\red storm entertainment\ravenshield\system\ravenshield.exe | 
"TCP Query User{72CCF147-44F6-4D99-B18D-F2EE68C43CBB}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{9112C661-546E-48AC-9B23-66D6B1215A58}C:\program files\activision\thps3\skate3.exe" = protocol=6 | dir=in | app=c:\program files\activision\thps3\skate3.exe | 
"TCP Query User{C2A19063-7BB4-4AB3-998D-D80148398DE1}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{D5B57090-AE08-4CFF-9DC4-9E4D4F41D672}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{2DBA3856-766F-4AB8-830A-DE6B6F4ECF21}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{423CED1D-2859-436A-8A61-521A90DC6D93}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{42FA59BC-00CF-4C1D-80C3-5582D793B33C}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{8FB3C6B4-0705-4657-B2EE-BD1B2C18A5FD}C:\program files\activision\thps3\skate3.exe" = protocol=17 | dir=in | app=c:\program files\activision\thps3\skate3.exe | 
"UDP Query User{A219BB55-D09D-4229-86AB-6EE7AB4BBB67}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"UDP Query User{D092B61F-A546-4CCA-A3AF-3559FBA02A93}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{FE3179CE-2D47-4277-8C1A-D3731D35E363}C:\program files\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=17 | dir=in | app=c:\program files\red storm entertainment\ravenshield\system\ravenshield.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B922902F-E9E9-4AD9-B87D-7F62FA9EA1AD}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{129FC9F8-206B-4C29-9B45-8D53B10EC6C7}" = xVideoServiceThief
"{12BE652B-2B80-4A22-A140-4FEDC7F77D54}" = Tune Tools
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{18E65799-76BD-46EF-9E53-972FE5A40736}" = Opera 10.62
"{1967D67C-6F3F-4001-9644-BAC704F7EE84}" = Samsung PC Studio
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2C9241DC-E141-4BB9-99F2-0BC54D81862F}" = Smart Start UP
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV
"{53DF73B1-37F5-4B7F-86ED-FA7CC4041031}" = Nero 8 Essentials
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{68D2A2E2-6B64-4433-8073-0605EB306C1B}" = Gothic 3 Gold
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0045-0000-0000-0000000FF1CE}" = Microsoft Expression Web 2
"{90120000-0045-0000-0000-0000000FF1CE}_XWeb_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0045-0407-0000-0000000FF1CE}" = Microsoft Expression Web 2 MUI (German)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Play Movie
"{A7472CEE-6E85-4D43-9C71-BDFC0D471F70}" = Intel® Viiv™ Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}" = Steinberg Cubase LE 4
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF131494-F5D8-45C5-938C-D5F020CF1B0D}" = Tom Clancy's Rainbow Six 3: Raven Shield
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B3B2E45F-A0FC-47C6-B399-72D9D8482C8A}" = Visual Basic for Applications (R) Core - German
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B922902F-E9E9-4AD9-B87D-7F62FA9EA1AD}" = Corel Graphics - Windows Shell Extension
"{BBBF4CFE-9D26-4D93-A869-B2B021B3CA85}" = Intel(R) PRO Network Connections 12.2.41.0
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C04D5974-F528-4347-A494-EAF56124CC1A}" = Steinberg HALionOne Essential Set
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAF7A270-55D5-455F-B0D1-6C51EADC1C3A}" = Presto! Mr. Photo 4
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC8E84E-AB61-4EC0-890D-8B553915B3AD}" = TVsweeper
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D8D22773-14BF-4178-A683-3DBA515C2A26}" = WISO Mein Geld 2008 Professional
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}" = CorelDRAW Graphics Suite X5 - DE
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E0091C29-DEE8-4B24-BF65-8C35B5940D77}" = Letstrade
"{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"4shared.com Toolbar" = 4shared.com Toolbar
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Akamai" = Akamai NetSession Interface
"ALDI Foto Manager Free Sued D" = ALDI Foto Manager Free Sued
"ALDI Online Druck Service (Sued)" = ALDI Online Druck Service (Sued)
"ALDI Sued Foto Service D" = ALDI Sued Foto Service
"Aldi Süd Fotoservice_is1" = Aldi Süd Fotoservice
"AOL Deinstallation" = AOL Deinstallation
"AOL Installations-Manager" = AOL Installations-Manager
"AOL Toolbar 4.0" = 
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"C-Media PCI Audio Driver" = Trust 5.1 Soundcard 14319
"conduitEngine" = Conduit Engine
"DivX Content Uploader" = DivX Content Uploader
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dslmon" = devolo Informer
"easyclean" = devolo EasyClean
"easyshare" = devolo EasyShare
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Free FLV Converter_is1" = Free FLV Converter V 6.4
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"Guitar Pro 5_is1" = Guitar Pro 5.0
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"Intel(R) Configuration Center" = Intel® Viiv™ Software
"MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"Nvu_is1" = Nvu 1.0
"Picasa2" = Picasa 2
"PROSetDX" = Intel(R) PRO Network Connections 12.2.41.0
"RealPlayer 6.0" = RealPlayer
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shop for HP Supplies" = Shop for HP Supplies
"Spyware Doctor" = Spyware Doctor 6.0
"Syncrosoft License Control" = Syncrosoft Lizenz Kontrolle
"Tony Hawk's Pro Skater 3®" = Tony Hawk's Pro Skater 3®
"ViewpointMediaPlayer" = Viewpoint Media Player
"Vodafone WCDMA Composite Device Drive" = Vodafone WCDMA Composite Device Drive Software
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
"X10Hardware" = X10 Hardware(TM)
"Xvid_is1" = Xvid 1.1.2 final uninstall
"XWeb" = Microsoft Expression Web 2
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.04.2011 11:13:26 | Computer Name = Jul-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 24.04.2011 07:15:32 | Computer Name = Jul-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 24.04.2011 07:26:30 | Computer Name = Jul-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 24.04.2011 07:46:48 | Computer Name = Jul-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 24.04.2011 07:50:02 | Computer Name = Jul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iCEyocHtffAu.exe, Version 1.8.0.0, Zeitstempel
 0x21475346, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
 Ausnahmecode 0xc0000005, Fehleroffset 0xe1859e06,  Prozess-ID 0x1660, Anwendungsstartzeit
 01cc02756171acea.
 
Error - 24.04.2011 07:55:49 | Computer Name = Jul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16771, Zeitstempel
 0x4907deda, fehlerhaftes Modul SHELL32.dll, Version 6.0.6000.16774, Zeitstempel
 0x4912e93f, Ausnahmecode 0xc0000005, Fehleroffset 0x001090f8,  Prozess-ID 0xc10, 
Anwendungsstartzeit 01cc027550a76d5a.
 
Error - 24.04.2011 08:05:57 | Computer Name = Jul-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 24.04.2011 08:09:41 | Computer Name = Jul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iCEyocHtffAu.exe, Version 1.8.0.0, Zeitstempel
 0x21475346, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
 Ausnahmecode 0xc0000005, Fehleroffset 0xe1859e06,  Prozess-ID 0xf90, Anwendungsstartzeit
 01cc0277c6aa14ba.
 
Error - 24.04.2011 08:09:58 | Computer Name = Jul-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 24.04.2011 08:10:15 | Computer Name = Jul-PC | Source = RasClient | ID = 20227
Description = 
 
[ Media Center Events ]
Error - 16.04.2008 13:28:35 | Computer Name = Jul-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
 gescheitert.
 
Error - 18.04.2008 11:51:24 | Computer Name = Jul-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
 gescheitert.
 
[ System Events ]
Error - 21.04.2011 04:56:19 | Computer Name = Jul-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.6 für die Netzwerkkarte mit der Netzwerkadresse
 0015AF443F26 wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 21.04.2011 04:57:42 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 22.04.2011 06:04:31 | Computer Name = Jul-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.5 für die Netzwerkkarte mit der Netzwerkadresse
 001D922215EA wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 22.04.2011 06:05:58 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 23.04.2011 06:22:20 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 23.04.2011 11:14:39 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 24.04.2011 08:02:08 | Computer Name = Jul-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = 
 
Error - 24.04.2011 08:02:08 | Computer Name = Jul-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 24.04.2011 08:05:34 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 24.04.2011 08:09:58 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7022
Description = 
 
 
< End of report >
         
--- --- ---

 
