| amaterasu94 | 15.01.2012 19:02 |
Die Scanner haben Einiges gefunden, nur nicht das, was Avira gefunden hat! (Liegt das daran, dass ich die Datei in die Quarantäne getan habe? Hätte ich sie zum scannen wieder raus tun sollen?)
Den Malwarebytes-Log hab ich zur Sicherheit dreimal abgespeichert, lustigerweise is der jetz weg, 6 Stunden scannen umsonst -.-
Hab hier erstmal Reports von OTL und ESET, den Malwarebytes Log reiche ich noch nach, hoffe aber, dass das auch schon reicht ...
OTL:
OTL EXTRAS Logfile: Code:
OTL logfile created on: 13.01.2012 13:33:28 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\HP\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 45,10% Memory free
4,21 Gb Paging File | 2,85 Gb Available in Paging File | 67,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,82 Gb Total Space | 30,41 Gb Free Space | 21,15% Space Free | Partition Type: NTFS
Drive D: | 5,23 Gb Total Space | 1,18 Gb Free Space | 22,62% Space Free | Partition Type: NTFS
Computer Name: HP-PC | User Name: HP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.01.12 21:50:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\HP\Desktop\OTL.exe
PRC - [2011.12.15 15:00:00 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.12.15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.12.15 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.08.01 14:35:42 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2010.04.02 09:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.24 18:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010.03.24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.10.07 19:18:08 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\HP\Program Files\DNA\btdna.exe
PRC - [2009.05.21 22:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2009.05.21 21:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
PRC - [2009.05.21 21:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
PRC - [2009.05.21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009.02.14 22:21:44 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2009.02.14 22:12:50 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007.12.23 00:03:28 | 000,916,240 | ---- | M] (The Eraser Project) -- C:\Program Files\Eraser\Eraser.exe
PRC - [2007.09.07 17:55:00 | 001,175,552 | ---- | M] () -- C:\Program Files\WiFiConnector\NintendoWFCReg.exe
PRC - [2007.08.17 15:13:20 | 000,364,192 | ---- | M] () -- C:\Windows\System32\atwtusb.exe
PRC - [2007.06.25 17:12:36 | 001,969,824 | ---- | M] () -- C:\Windows\System32\WTMKM.exe
PRC - [2006.11.25 00:34:20 | 000,118,877 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
PRC - [2006.11.25 00:34:16 | 000,270,431 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
PRC - [2006.11.02 10:45:26 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
========== Modules (No Company Name) ==========
MOD - [2009.09.04 22:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2007.09.07 17:55:00 | 001,175,552 | ---- | M] () -- C:\Program Files\WiFiConnector\NintendoWFCReg.exe
MOD - [2007.07.03 14:55:00 | 000,110,592 | ---- | M] () -- C:\Program Files\WiFiConnector\WIFICON.dll
MOD - [2007.06.25 17:12:36 | 001,969,824 | ---- | M] () -- C:\Windows\System32\WTMKM.exe
MOD - [2006.11.25 00:34:20 | 000,339,968 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
MOD - [2006.11.25 00:34:04 | 000,233,573 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
MOD - [2006.11.25 00:34:04 | 000,114,783 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
MOD - [2006.11.25 00:34:04 | 000,032,768 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
MOD - [2006.08.28 17:29:00 | 000,180,224 | ---- | M] () -- C:\Windows\System32\ATWTINK.DLL
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2011.12.15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.05.21 22:13:36 | 000,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009.05.21 22:03:06 | 000,133,120 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009.02.20 16:41:22 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.02.14 22:21:43 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.08.17 15:13:20 | 000,364,192 | ---- | M] () [Auto | Running] -- C:\Windows\System32\atwtusb.exe -- (WTService)
SRV - [2006.11.25 00:34:20 | 000,118,877 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2006.11.25 00:34:16 | 000,270,431 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006.06.26 18:50:08 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)
SRV - [2004.10.22 12:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - [2011.12.15 15:00:00 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.12.15 15:00:00 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.12.15 15:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.01.09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2007.11.02 14:22:38 | 000,105,896 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s217unic.sys -- (s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM)
DRV - [2007.11.02 14:22:38 | 000,103,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s217mgmt.sys -- (s217mgmt) Sony Ericsson Device 217 USB WMC Device Management Drivers (WDM)
DRV - [2007.11.02 14:22:38 | 000,100,008 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s217obex.sys -- (s217obex)
DRV - [2007.11.02 14:22:38 | 000,024,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s217nd5.sys -- (s217nd5) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS)
DRV - [2007.11.02 14:22:36 | 000,109,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s217mdm.sys -- (s217mdm)
DRV - [2007.11.02 14:22:36 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s217bus.sys -- (s217bus) Sony Ericsson Device 217 driver (WDM)
DRV - [2007.11.02 14:22:36 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s217mdfl.sys -- (s217mdfl)
DRV - [2007.07.03 15:05:00 | 000,162,944 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RT25USBAP.SYS -- (RT25USBAP)
DRV - [2006.12.18 22:31:46 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2006.12.18 22:31:46 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2006.12.07 05:25:00 | 004,456,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006.11.18 20:32:16 | 000,145,920 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2006.11.15 18:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006.11.15 13:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.11.15 11:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006.11.02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.09.15 09:44:18 | 000,011,520 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006.08.05 10:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006.06.28 18:57:00 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006.06.28 18:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2004.12.30 22:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=laptop
IE - HKLM\..\URLSearchHook: {33b974a8-e892-4f5f-bd17-f7b0331843d5} - C:\Program Files\techno4ever\tbtech.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {33b974a8-e892-4f5f-bd17-f7b0331843d5} - C:\Program Files\techno4ever\tbtech.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://zebrabuntbarsch.getwatchers.com/"
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.7
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre1.6.0_14\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\HP\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\HP\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\HP\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\HP\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.02.17 13:40:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.24 13:15:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.24 13:15:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\HP\Program Files\DNA [2012.01.12 19:12:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.02.17 13:40:00 | 000,000,000 | ---D | M]
[2009.02.13 17:37:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP\AppData\Roaming\mozilla\Extensions
[2012.01.12 19:24:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP\AppData\Roaming\mozilla\Firefox\Profiles\vhf6brg6.default\extensions
[2011.08.19 14:06:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\HP\AppData\Roaming\mozilla\Firefox\Profiles\vhf6brg6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.08.19 14:07:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\HP\AppData\Roaming\mozilla\Firefox\Profiles\vhf6brg6.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.08.19 14:06:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\HP\AppData\Roaming\mozilla\Firefox\Profiles\vhf6brg6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.08.19 14:06:56 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\HP\AppData\Roaming\mozilla\Firefox\Profiles\vhf6brg6.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011.12.19 19:55:24 | 000,003,915 | ---- | M] () -- C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\vhf6brg6.default\searchplugins\sweetim.xml
[2012.01.12 20:56:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.10.14 13:43:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2010.02.17 13:40:00 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2012.01.12 19:12:46 | 000,000,000 | ---D | M] (No name found) -- C:\USERS\HP\PROGRAM FILES\DNA
[2008.09.04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.03.14 17:34:07 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.03.14 17:34:07 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.14 17:34:07 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.03.14 17:34:07 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.03.14 17:34:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\HP\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U18 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\HP\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\HP\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: BitTorrent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\HP\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (techno4ever Toolbar) - {33b974a8-e892-4f5f-bd17-f7b0331843d5} - C:\Program Files\techno4ever\tbtech.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.6.0_14\bin\jp2ssv.dll File not found
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (techno4ever Toolbar) - {33b974a8-e892-4f5f-bd17-f7b0331843d5} - C:\Program Files\techno4ever\tbtech.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (techno4ever Toolbar) - {33B974A8-E892-4F5F-BD17-F7B0331843D5} - C:\Program Files\techno4ever\tbtech.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [MacrokeyManager] C:\Windows\System32\WTMKM.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [snpstd] C:\Windows\vsnpstd.exe File not found
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\HP\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4 - HKCU..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" File not found
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O8 - Extra context menu item: Web-Suche - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21EFE5F9-A076-40F6-9E50-6E4B14693759}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\HP\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\HP\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.09.11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{6d3c7fac-b6e8-11de-bdbf-00163698aaf8}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.01.12 21:50:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\HP\Desktop\OTL.exe
[2012.01.08 20:23:23 | 000,000,000 | ---D | C] -- C:\Users\HP\Desktop\Handybilder
[2011.12.24 14:05:51 | 000,000,000 | ---D | C] -- C:\Users\HP\AppData\Roaming\Avira
[2011.12.24 13:28:39 | 000,000,000 | ---D | C] -- C:\Program Files\MedienTeam66
[2011.12.24 13:21:05 | 051,589,251 | ---- | C] (MedienTeam66 Verlags GmbH ) -- C:\Users\HP\Desktop\DruckShopWeihnachten.exe
[2011.12.24 13:12:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.12.24 13:11:31 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.12.24 13:11:23 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.12.24 13:11:23 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.12.24 13:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.12.24 13:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.12.19 19:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdlSoft Uncompressor
[2011.12.19 19:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\ADLSoft UnCompressor
[2011.12.19 19:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2011.12.19 19:55:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2011.12.19 19:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBattle
[2011.12.19 19:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\NetBattle
[2011.12.19 19:40:27 | 006,360,583 | ---- | C] (pmnb.net ) -- C:\Users\HP\Desktop\Setup097.exe
[2011.12.15 19:20:56 | 000,000,000 | ---D | C] -- C:\Users\HP\AppData\Roaming\Canon
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.01.13 13:21:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3743977050-3487034233-3216743237-1000UA.job
[2012.01.13 13:19:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.13 13:12:46 | 000,055,284 | ---- | M] () -- C:\Users\HP\AppData\Roaming\nvModes.dat
[2012.01.13 13:12:46 | 000,055,284 | ---- | M] () -- C:\Users\HP\AppData\Roaming\nvModes.001
[2012.01.13 12:59:00 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.13 12:59:00 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.13 11:59:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.12 21:50:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\HP\Desktop\OTL.exe
[2012.01.12 19:19:00 | 000,000,412 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2436B87B-0F2F-4277-A2C7-9AD3E5003570}.job
[2012.01.12 19:14:06 | 000,000,147 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2012.01.12 19:10:11 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.12 19:09:43 | 2146,025,472 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.11 17:21:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3743977050-3487034233-3216743237-1000Core.job
[2012.01.08 20:21:47 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.08 20:21:47 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.08 20:21:47 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.08 20:21:46 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.08 14:43:21 | 000,065,567 | ---- | M] () -- C:\Users\HP\Desktop\57a6b2fc-52047506.jpg
[2012.01.08 14:43:06 | 000,060,028 | ---- | M] () -- C:\Users\HP\Desktop\3ef234df-52041057.jpg
[2012.01.08 14:42:53 | 000,053,360 | ---- | M] () -- C:\Users\HP\Desktop\4dfd8557-52040900.jpg
[2012.01.08 14:42:44 | 000,108,499 | ---- | M] () -- C:\Users\HP\Desktop\fdfc4a36-52040941.jpg
[2012.01.06 17:12:03 | 000,014,258 | ---- | M] () -- C:\Users\HP\.recently-used.xbel
[2012.01.05 17:49:50 | 001,353,990 | ---- | M] () -- C:\Users\HP\Desktop\the_so_called_lineart_by_cottondragon-d4guzn2.psd
[2012.01.05 16:50:45 | 000,214,194 | ---- | M] () -- C:\Users\HP\Desktop\the_so_called_lineart_by_cottondragon-d4guzn2.png
[2012.01.03 17:37:05 | 001,137,538 | ---- | M] () -- C:\Users\HP\Desktop\little_shen_by_apofiss-d3jk7oi.jpg
[2012.01.03 17:36:23 | 000,709,935 | ---- | M] () -- C:\Users\HP\Desktop\sanctuary_revisit_by_apofiss-d41h14w.jpg
[2012.01.03 17:35:56 | 000,279,812 | ---- | M] () -- C:\Users\HP\Desktop\sweet_nightmare_paper_by_apofiss-d4ka0sa.jpg
[2011.12.31 15:34:50 | 005,009,277 | ---- | M] () -- C:\Users\HP\Desktop\DSC06460.png
[2011.12.31 15:10:12 | 004,358,144 | ---- | M] () -- C:\Users\HP\Desktop\DSC06470.JPG
[2011.12.31 15:10:10 | 004,325,376 | ---- | M] () -- C:\Users\HP\Desktop\DSC06469.JPG
[2011.12.31 15:10:06 | 004,259,840 | ---- | M] () -- C:\Users\HP\Desktop\DSC06468.JPG
[2011.12.31 15:10:02 | 004,620,288 | ---- | M] () -- C:\Users\HP\Desktop\DSC06467.JPG
[2011.12.31 15:09:48 | 004,456,448 | ---- | M] () -- C:\Users\HP\Desktop\DSC06466.JPG
[2011.12.31 15:09:48 | 004,456,448 | ---- | M] () -- C:\Users\HP\Desktop\DSC06465.JPG
[2011.12.31 15:09:36 | 004,390,912 | ---- | M] () -- C:\Users\HP\Desktop\DSC06464.JPG
[2011.12.31 15:09:22 | 005,144,576 | ---- | M] () -- C:\Users\HP\Desktop\DSC06463.JPG
[2011.12.31 15:09:02 | 005,308,416 | ---- | M] () -- C:\Users\HP\Desktop\DSC06462.JPG
[2011.12.31 14:59:50 | 006,324,224 | ---- | M] () -- C:\Users\HP\Desktop\DSC06461.JPG
[2011.12.31 14:59:48 | 006,389,760 | ---- | M] () -- C:\Users\HP\Desktop\DSC06460.JPG
[2011.12.31 14:59:26 | 005,177,344 | ---- | M] () -- C:\Users\HP\Desktop\DSC06459.JPG
[2011.12.31 14:58:40 | 004,554,752 | ---- | M] () -- C:\Users\HP\Desktop\DSC06458.JPG
[2011.12.31 14:58:38 | 004,685,824 | ---- | M] () -- C:\Users\HP\Desktop\DSC06457.JPG
[2011.12.31 14:58:34 | 005,799,936 | ---- | M] () -- C:\Users\HP\Desktop\DSC06456.JPG
[2011.12.30 15:14:45 | 086,385,335 | ---- | M] () -- C:\Users\HP\Desktop\DJ Danny - Housebreak Vol-6-1.mp3
[2011.12.27 17:01:10 | 000,000,680 | ---- | M] () -- C:\Users\HP\AppData\Local\d3d9caps.dat
[2011.12.24 13:38:38 | 000,033,154 | ---- | M] () -- C:\Users\HP\Desktop\hunde-weihnachten.jpg
[2011.12.24 13:38:38 | 000,033,154 | ---- | M] () -- C:\Users\HP\Desktop\hunde-weihnachten - Kopie.jpg
[2011.12.24 13:37:45 | 000,038,712 | ---- | M] () -- C:\Users\HP\Desktop\ViewFotoCommunity-1302468.jpg
[2011.12.24 13:27:19 | 051,589,251 | ---- | M] (MedienTeam66 Verlags GmbH ) -- C:\Users\HP\Desktop\DruckShopWeihnachten.exe
[2011.12.24 13:12:26 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.19 20:14:57 | 000,030,909 | ---- | M] () -- C:\Users\HP\Desktop\jahresbericht_05_head.jpg
[2011.12.19 19:53:38 | 001,165,096 | ---- | M] () -- C:\Users\HP\Desktop\ADLSoft_UnCompressor_triple_2nd_offer_0412_s.exe
[2011.12.19 19:41:00 | 006,360,583 | ---- | M] (pmnb.net ) -- C:\Users\HP\Desktop\Setup097.exe
[2011.12.15 15:00:00 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.12.15 15:00:00 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.12.15 15:00:00 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.01.08 14:43:20 | 000,065,567 | ---- | C] () -- C:\Users\HP\Desktop\57a6b2fc-52047506.jpg
[2012.01.08 14:43:05 | 000,060,028 | ---- | C] () -- C:\Users\HP\Desktop\3ef234df-52041057.jpg
[2012.01.08 14:42:52 | 000,053,360 | ---- | C] () -- C:\Users\HP\Desktop\4dfd8557-52040900.jpg
[2012.01.08 14:42:40 | 000,108,499 | ---- | C] () -- C:\Users\HP\Desktop\fdfc4a36-52040941.jpg
[2012.01.06 17:12:03 | 000,014,258 | ---- | C] () -- C:\Users\HP\.recently-used.xbel
[2012.01.05 17:49:48 | 001,353,990 | ---- | C] () -- C:\Users\HP\Desktop\the_so_called_lineart_by_cottondragon-d4guzn2.psd
[2012.01.05 16:50:41 | 000,214,194 | ---- | C] () -- C:\Users\HP\Desktop\the_so_called_lineart_by_cottondragon-d4guzn2.png
[2012.01.03 17:37:00 | 001,137,538 | ---- | C] () -- C:\Users\HP\Desktop\little_shen_by_apofiss-d3jk7oi.jpg
[2012.01.03 17:36:21 | 000,709,935 | ---- | C] () -- C:\Users\HP\Desktop\sanctuary_revisit_by_apofiss-d41h14w.jpg
[2012.01.03 17:35:52 | 000,279,812 | ---- | C] () -- C:\Users\HP\Desktop\sweet_nightmare_paper_by_apofiss-d4ka0sa.jpg
[2011.12.31 15:34:38 | 005,009,277 | ---- | C] () -- C:\Users\HP\Desktop\DSC06460.png
[2011.12.31 15:10:12 | 004,358,144 | ---- | C] () -- C:\Users\HP\Desktop\DSC06470.JPG
[2011.12.31 15:10:10 | 004,325,376 | ---- | C] () -- C:\Users\HP\Desktop\DSC06469.JPG
[2011.12.31 15:10:06 | 004,259,840 | ---- | C] () -- C:\Users\HP\Desktop\DSC06468.JPG
[2011.12.31 15:10:02 | 004,620,288 | ---- | C] () -- C:\Users\HP\Desktop\DSC06467.JPG
[2011.12.31 15:09:48 | 004,456,448 | ---- | C] () -- C:\Users\HP\Desktop\DSC06466.JPG
[2011.12.31 15:09:48 | 004,456,448 | ---- | C] () -- C:\Users\HP\Desktop\DSC06465.JPG
[2011.12.31 15:09:36 | 004,390,912 | ---- | C] () -- C:\Users\HP\Desktop\DSC06464.JPG
[2011.12.31 15:09:22 | 005,144,576 | ---- | C] () -- C:\Users\HP\Desktop\DSC06463.JPG
[2011.12.31 15:09:02 | 005,308,416 | ---- | C] () -- C:\Users\HP\Desktop\DSC06462.JPG
[2011.12.31 14:59:50 | 006,324,224 | ---- | C] () -- C:\Users\HP\Desktop\DSC06461.JPG
[2011.12.31 14:59:48 | 006,389,760 | ---- | C] () -- C:\Users\HP\Desktop\DSC06460.JPG
[2011.12.31 14:59:26 | 005,177,344 | ---- | C] () -- C:\Users\HP\Desktop\DSC06459.JPG
[2011.12.31 14:58:40 | 004,554,752 | ---- | C] () -- C:\Users\HP\Desktop\DSC06458.JPG
[2011.12.31 14:58:38 | 004,685,824 | ---- | C] () -- C:\Users\HP\Desktop\DSC06457.JPG
[2011.12.31 14:58:34 | 005,799,936 | ---- | C] () -- C:\Users\HP\Desktop\DSC06456.JPG
[2011.12.30 15:08:12 | 086,385,335 | ---- | C] () -- C:\Users\HP\Desktop\DJ Danny - Housebreak Vol-6-1.mp3
[2011.12.24 13:40:32 | 000,033,154 | ---- | C] () -- C:\Users\HP\Desktop\hunde-weihnachten - Kopie.jpg
[2011.12.24 13:38:37 | 000,033,154 | ---- | C] () -- C:\Users\HP\Desktop\hunde-weihnachten.jpg
[2011.12.24 13:37:42 | 000,038,712 | ---- | C] () -- C:\Users\HP\Desktop\ViewFotoCommunity-1302468.jpg
[2011.12.24 13:12:26 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.19 20:14:56 | 000,030,909 | ---- | C] () -- C:\Users\HP\Desktop\jahresbericht_05_head.jpg
[2011.12.19 19:53:31 | 001,165,096 | ---- | C] () -- C:\Users\HP\Desktop\ADLSoft_UnCompressor_triple_2nd_offer_0412_s.exe
[2010.05.09 16:29:40 | 000,000,000 | ---- | C] () -- C:\Users\HP\AppData\Roaming\wklnhst.dat
[2010.02.17 13:23:12 | 000,178,842 | ---- | C] () -- C:\Windows\hpoins44.dat
[2010.02.17 13:23:11 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2009.08.14 13:13:22 | 000,000,680 | ---- | C] () -- C:\Users\HP\AppData\Local\d3d9caps.dat
[2009.08.09 21:22:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.14 20:04:34 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.06.02 17:27:27 | 000,044,544 | ---- | C] () -- C:\Windows\System32\Gif89.dll
[2009.04.15 18:11:22 | 000,000,000 | ---- | C] () -- C:\Users\HP\AppData\Local\rx_image.Cache
[2009.02.27 19:10:22 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009.02.26 11:44:59 | 000,364,192 | ---- | C] () -- C:\Windows\System32\atwtusb.exe
[2009.02.26 11:44:59 | 000,045,056 | ---- | C] () -- C:\Windows\System32\InstallService.exe
[2009.02.26 11:44:58 | 001,969,824 | ---- | C] () -- C:\Windows\System32\WTMKM.exe
[2009.02.26 11:44:58 | 000,180,224 | ---- | C] () -- C:\Windows\System32\ATWTINK.DLL
[2009.02.26 11:44:58 | 000,102,048 | ---- | C] () -- C:\Windows\RmTablet.exe
[2009.02.26 11:44:58 | 000,013,951 | ---- | C] () -- C:\Windows\System32\Photoshop Elements.ini
[2009.02.26 11:44:58 | 000,010,361 | ---- | C] () -- C:\Windows\System32\PhotoImpact XL SE.ini
[2009.02.26 11:44:58 | 000,007,633 | ---- | C] () -- C:\Windows\System32\Vista.ini
[2009.02.26 11:44:58 | 000,007,341 | ---- | C] () -- C:\Windows\System32\XP_2000.ini
[2009.02.26 11:44:58 | 000,006,435 | ---- | C] () -- C:\Windows\aiptbl.ini
[2009.02.26 11:44:58 | 000,000,574 | ---- | C] () -- C:\Windows\System32\MKProfile.ini
[2009.02.10 17:23:01 | 000,055,284 | ---- | C] () -- C:\Users\HP\AppData\Roaming\nvModes.001
[2009.02.10 17:22:59 | 000,055,284 | ---- | C] () -- C:\Users\HP\AppData\Roaming\nvModes.dat
[2009.02.10 16:49:07 | 000,024,064 | ---- | C] () -- C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.11.29 08:32:42 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006.11.02 16:33:31 | 000,641,344 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:33:31 | 000,116,706 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 001,693,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,610,142 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,103,924 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 08:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.09.19 08:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006.09.19 08:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006.03.10 00:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005.12.15 06:17:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2005.05.07 13:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2001.06.21 12:13:48 | 000,081,332 | ---- | C] () -- C:\Windows\System32\bass.dll
[1999.01.26 23:00:00 | 000,114,816 | ---- | C] () -- C:\Windows\System32\MSMT4232.DLL
========== LOP Check ==========
[2012.01.11 19:08:23 | 000,032,520 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.01.12 19:19:00 | 000,000,412 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2436B87B-0F2F-4277-A2C7-9AD3E5003570}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2009.02.10 16:45:23 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.01.26 16:48:30 | 000,000,000 | -HSD | M] -- C:\boot
[2012.01.12 21:26:22 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2006.11.10 10:44:10 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2007.01.19 05:03:11 | 000,000,000 | -H-D | M] -- C:\HP
[2011.12.24 13:28:39 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.12.24 13:11:10 | 000,000,000 | ---D | M] -- C:\ProgramData
[2006.11.10 10:44:10 | 000,000,000 | -HSD | M] -- C:\Programme
[2009.02.10 16:44:08 | 000,000,000 | ---D | M] -- C:\SwSetup
[2012.01.13 13:39:40 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.02.10 16:44:08 | 000,000,000 | -H-D | M] -- C:\System.sav
[2009.02.10 16:40:07 | 000,000,000 | R--D | M] -- C:\Users
[2011.12.19 20:59:11 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.manifest /3 >
< MD5 for: AFD.SYS >
[2006.11.02 09:58:43 | 000,270,336 | ---- | M] (Microsoft Corporation) MD5=5D24CAF8EFD924A875698FF28384DB8B -- C:\Windows\System32\drivers\afd.sys
[2006.11.02 09:58:43 | 000,270,336 | ---- | M] (Microsoft Corporation) MD5=5D24CAF8EFD924A875698FF28384DB8B -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6000.16386_none_d5b1809661820e7c\afd.sys
[2008.01.19 06:57:03 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=763E172A55177E478CB419F88FD0BA03 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys
[2009.04.11 05:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=A201207363AA900ABF1A388468688570 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_d9d3bb9e5b8eea9c\afd.sys
< MD5 for: EXPLORER.EXE >
[2009.02.14 22:12:50 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2009.02.14 22:12:50 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009.02.14 22:12:49 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009.02.14 22:12:49 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.02.14 22:25:51 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2009.02.14 22:25:51 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009.02.14 22:12:50 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
< MD5 for: REGEDIT.EXE >
[2006.11.02 10:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\regedit.exe
[2006.11.02 10:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe
< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WININIT.EXE >
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\System32\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-01-13 12:45:02
< >
< End of report >
--- --- ---
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 13.01.2012 13:33:28 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\HP\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 45,10% Memory free
4,21 Gb Paging File | 2,85 Gb Available in Paging File | 67,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,82 Gb Total Space | 30,41 Gb Free Space | 21,15% Space Free | Partition Type: NTFS
Drive D: | 5,23 Gb Total Space | 1,18 Gb Free Space | 22,62% Space Free | Partition Type: NTFS
Computer Name: HP-PC | User Name: HP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05008243-184D-40B5-BA09-EA888A0CE168}" = rport=138 | protocol=17 | dir=out | app=system |
"{09B7299D-A609-479F-85B3-9016315D1363}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{0C3BC2C7-B794-4F5B-87AE-029007DC6046}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0E0210CB-DD98-4EEF-BA1B-ECBFBEB7720F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{13BCEF82-EBE5-4A0C-92B1-64A4D436A21A}" = lport=10244 | protocol=6 | dir=in | app=system |
"{17FAD226-8AA5-41BB-8AC2-4D0A767CC547}" = rport=445 | protocol=6 | dir=out | app=system |
"{300962F4-685A-41DC-BC05-085C3FFEF64B}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{3DE777EC-D74B-4BCF-A8AB-2F5233D5B9AD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{422C91D6-A61B-42BF-9FBB-6E2243587F02}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{45AD23BE-0D1E-4CE0-B8E9-B6439BE9EBA7}" = rport=139 | protocol=6 | dir=out | app=system |
"{4E6AC1D7-B4F9-48F6-B19B-424E220C7E08}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{6D47CC22-7752-40E8-8CF6-59EB8005061B}" = lport=139 | protocol=6 | dir=in | app=system |
"{6E6ECA3E-D1C6-4533-BEB5-8A3A5DF3E5A0}" = lport=137 | protocol=17 | dir=in | app=system |
"{79CE1E09-B740-4F76-841B-53BC3FF675B6}" = rport=10244 | protocol=6 | dir=out | app=system |
"{7E096E23-6A53-4AA6-A095-C10346B2CD7A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{93804385-D091-4DAA-8229-002CEF8B84CC}" = lport=3390 | protocol=6 | dir=in | app=system |
"{9F401667-CCE6-4255-A6C1-AC33514C9D9A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{A1564F56-EB8E-4094-B335-F282E6051A5A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A3FAEE75-B49E-4D0C-B9A1-29ED533DC970}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BF9FE396-F216-446B-BB0F-35BE171BB623}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{C310B420-D4DC-4713-BD97-01BF096B6288}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C5AD44BF-4292-4787-AA5A-334ECE109CF6}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C65AEB7A-7A9E-4EB1-88B2-759E55934CD1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C8F04D80-998F-4CD9-81A9-ED1BBD3D0980}" = rport=2869 | protocol=6 | dir=out | app=system |
"{CC5EF2AF-3F3B-4B6D-8191-253C85A874D8}" = rport=137 | protocol=17 | dir=out | app=system |
"{D26D270F-AB74-41C5-9215-7FD1E3C14442}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D3400130-AFED-41CB-AD57-B4992036CE10}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8A1D1DF-410B-4B4B-A5B9-5DC00C788650}" = lport=138 | protocol=17 | dir=in | app=system |
"{DD7F258C-06B6-4939-A16D-E6988EB2631D}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F11E8370-FA2F-4EFC-A697-4F5E9C6FF930}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FBC8709F-76FD-4508-8397-24AEB678654E}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D1E0EE-F33D-4F6F-9ED7-96D4AC442162}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{04C229E0-FE53-46F2-8342-E2032FBC7303}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{169CB7B7-7547-47BA-B7C4-1670F0DFD442}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqkygrp.exe |
"{18B0A5F4-C526-4348-BC31-63373F740571}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{1D385712-B1C2-455D-879E-5690B57BFCDF}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{1E300940-6127-481E-95D5-C8240F58F9BA}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpiscnapp.exe |
"{21E8BDB7-9E29-473C-9FA9-3ECD2E0332F9}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{27C40579-44E6-4B3D-8BB5-B3F48571BFAA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{289D0CAE-949C-4203-9CFE-9415FE80EB60}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2F767967-79BA-4E46-97CE-2151DA8630BA}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\smart web printing\smartwebprintexe.exe |
"{3884DD82-1DA1-49C4-9DA5-EC10A8114254}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4187A0E6-2CCA-4381-86B8-E29A6D462FAA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{45452186-D502-402C-92E1-399C4D5EE5F8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4DEC4480-9239-4210-9AF1-3264048998BE}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hposid01.exe |
"{617888FF-561F-46AB-9C50-7295C67B7F18}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqgplgtupl.exe |
"{6785E521-3E72-47A9-8DC0-C9B1F91A308E}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{725C4154-11F5-4DFB-85CD-B04490870244}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{7338E2D8-C5D1-4425-AE2B-6E88636A471D}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{7AB5D0B4-578F-4900-9AD5-4580A8BC4765}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe |
"{84AA5F9D-5FAB-4152-95C4-682C861C4516}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpoews01.exe |
"{8AB4184F-E5A7-480C-BB65-73F6B20CB4F8}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{8D7D663D-C59A-45FD-ABA5-49BBCD11AD75}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpfccopy.exe |
"{8D7F67BD-8909-47A7-A9D6-77614FE20ADD}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{977E00CF-159E-4DAF-8D81-CEBF3933C766}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqusgm.exe |
"{9C096988-5E56-4DD2-AFF7-A2632159DC1C}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqgpc01.exe |
"{9D2281A6-3972-4A92-8F36-11599EAD2B11}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{9E79FA8A-FF83-4108-9A0C-4D21CBDF1EB5}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{A0E929C9-37F1-4BE4-A3C1-0D4D87669E1A}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{A48C03BA-2FCB-43FE-8E68-D5C07EB45395}" = protocol=6 | dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{A8EFDE88-8FC4-4089-AA74-ECBEEC2204D8}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{B3D0576C-A83C-44D4-B929-7A59B731E8DB}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{C50DA25A-0888-4B1C-9FA2-4A62B95BD8B1}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqusgh.exe |
"{CB5F2784-91F3-4A35-82AE-1BC3310072D8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D94952F8-69D9-4C18-8CF4-CBDD53F1F44D}" = dir=in | app=c:\program files\wificonnector\nintendowfcreg.exe |
"{DA923ECA-31C6-48F3-B5B9-5F2247B97F79}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E706774F-5B3C-4F8E-A8AE-9E1D94656E1C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E77A6177-5A14-4E40-B7F9-6E1FD099A087}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{EA52B341-D4A2-41F2-9D55-C39BCE58F04D}" = protocol=17 | dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{EDB1DBEA-B0BD-4AF7-A0E9-78FCB15A1CA6}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{EE0B4DD5-48BA-4A86-8D16-FF8A08B14E7D}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{F1549748-6A16-4D4D-97E5-99A843790F6C}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqcopy2.exe |
"{F1D65163-B206-423D-B566-0489F0FA9A1D}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{F2FDC328-A099-447B-B265-618E24765536}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{FA8CB0A0-ACA4-422A-98F7-11E02753E066}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqste08.exe |
"{FCB0B4A6-B953-4ECB-B929-14AD92241FA0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FE47339C-1EED-455B-85C3-B604A11651B3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{6CB467FE-162E-48AA-876A-B2B9453DCAFD}C:\users\hp\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\hp\program files\dna\btdna.exe |
"TCP Query User{9B31CC14-C149-4C5C-9D59-AEF8F7C8BCE5}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{9ED214E8-DFE8-4F93-9A92-9E4D5F0013BF}C:\users\hp\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\hp\program files\dna\btdna.exe |
"TCP Query User{A15EDE90-1A41-4024-B5B3-B5EC7AD98E79}C:\program files\netbattle supremacy\pokebattle.exe" = protocol=6 | dir=in | app=c:\program files\netbattle supremacy\pokebattle.exe |
"TCP Query User{AF7222C2-BDD3-4FB7-8BBB-C2E20BD27128}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{E62CAF64-1193-4457-9455-75D543FC7B90}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{E6572A67-886E-42BA-88ED-681E18226ECC}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{E69A93EE-657F-4AB8-AE96-365A8F6060D5}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{038D6E1C-1693-4A44-807D-A5A5071E1A08}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{058B3182-BCBD-4712-A81F-EA3256B01999}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{0C6023F2-E71D-49B0-A566-0D2F043816E0}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{10CEB137-311B-486B-91AD-1E19E6D33443}C:\users\hp\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\hp\program files\dna\btdna.exe |
"UDP Query User{4141B07D-9D53-42B3-A259-E2B5FA9BF834}C:\users\hp\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\hp\program files\dna\btdna.exe |
"UDP Query User{BD8231C6-5934-439D-B44C-623D6657BB3B}C:\program files\netbattle supremacy\pokebattle.exe" = protocol=17 | dir=in | app=c:\program files\netbattle supremacy\pokebattle.exe |
"UDP Query User{C2C67A7D-F146-4DCB-9D9F-ACA7DD0BCBD4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{CB059976-9D84-437E-95C5-48D36492AA5F}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE}" = HP Wireless Assistant
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21E62565-8639-457C-B64C-A3FF0A8B4D80}" = HP Active Support Library
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 B9
"{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.0
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65D251BB-7B37-40A3-AEAE-75D7AEC35B03}" = Abenteuer auf dem Reiterhof 3 - Das Erbe der Gräfin
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}" = SweetIM Toolbar for Internet Explorer 4.2
"{A81A974F-8A22-43E6-9243-5198FF758DA1}" = SweetIM for Messenger 3.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A80000000002}" = Adobe Reader 8 - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5CEFEDA-38DF-4F94-A392-C86163CB9965}" = HP User Guide 0041
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}" = HP Help and Support
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.0.9.8
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = ASL_HS_Installer32
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CamStudio" = CamStudio
"Canon MG5200 series Benutzerregistrierung" = Canon MG5200 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7" = Soft Data Fax Modem with SmartCP
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"FileZilla" = FileZilla (remove only)
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.4
"Free Audio Dub_is1" = Free Audio Dub version 1.7.9.908
"Free Video Converter_is1" = Free Video Converter V 2.1
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HyperCam 2" = HyperCam 2
"ImgBurn" = ImgBurn
"Inkscape" = Inkscape 0.46
"LastFM_is1" = Last.fm 1.5.4.27091
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Mp3tag" = Mp3tag v2.46a
"NetBattle_is1" = NetBattle
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"Rmtablet" = Pen Pad Driver with Macro Key Manager
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Shop for HP Supplies" = Shop for HP Supplies
"SUPER ©" = SUPER © Version 2010.bld.37 (Jan 2, 2010)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T4EPlayer" = T4E Player
"techno4ever Toolbar" = techno4ever Toolbar
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.8a
"WiFiConnector" = Registrierungsprogramm für den Nintendo Wi-Fi USB Connector
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"Eraser" = Eraser
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10.10.2010 04:23:56 | Computer Name = HP-PC | Source = Bonjour Service | ID = 100
Description = 388: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 10.10.2010 04:23:56 | Computer Name = HP-PC | Source = Bonjour Service | ID = 100
Description = 392: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 11.10.2010 17:16:12 | Computer Name = HP-PC | Source = Bonjour Service | ID = 100
Description = 372: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 11.10.2010 17:16:13 | Computer Name = HP-PC | Source = Bonjour Service | ID = 100
Description = 380: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 12.10.2010 14:41:45 | Computer Name = HP-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.3909 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 1470 Anfangszeit: 01cb6a062a39e49b Zeitpunkt der Beendigung:
26
Error - 12.10.2010 17:32:05 | Computer Name = HP-PC | Source = Bonjour Service | ID = 100
Description = 372: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 15.10.2010 15:39:29 | Computer Name = HP-PC | Source = Bonjour Service | ID = 100
Description = 372: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 15.10.2010 15:39:29 | Computer Name = HP-PC | Source = Bonjour Service | ID = 100
Description = 380: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 15.10.2010 15:39:29 | Computer Name = HP-PC | Source = Bonjour Service | ID = 100
Description = 384: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 15.10.2010 15:39:29 | Computer Name = HP-PC | Source = Bonjour Service | ID = 100
Description = 388: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
[ System Events ]
Error - 10.01.2012 11:00:47 | Computer Name = HP-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
4, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 10.01.2012 11:05:01 | Computer Name = HP-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 10.01.2012 11:05:01 | Computer Name = HP-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11.01.2012 08:17:58 | Computer Name = HP-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
2, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 11.01.2012 08:17:58 | Computer Name = HP-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
3, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 11.01.2012 08:17:58 | Computer Name = HP-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
4, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 12.01.2012 14:09:23 | Computer Name = HP-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
2, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 12.01.2012 14:09:23 | Computer Name = HP-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
3, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 12.01.2012 14:09:23 | Computer Name = HP-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
4, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 12.01.2012 15:02:44 | Computer Name = HP-PC | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =
< End of report >
--- --- ---
[/CODE]
ESET: Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=bf90a8c0652d234a933f9873d71c1edb
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-01-15 05:31:08
# local_time=2012-01-15 06:31:08 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6000 NT
# compatibility_mode=1792 16777191 100 0 1907816 1907816 0 0
# compatibility_mode=5892 16776573 100 100 181414 164169211 0 0
# compatibility_mode=8192 67108863 100 0 86427 86427 0 0
# scanned=237255
# found=4
# cleaned=0
# scan_time=12183
C:\Users\HP\AppData\Local\Temp\jar_cache4425.tmp a variant of Java/TrojanDownloader.OpenStream.NCM trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\HP\AppData\Local\Temp\Update_bb57.exe a variant of Win32/MessengerPlus.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\HP\Desktop\SoftonicDownloader_fuer_light-image-resizer.exe Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I
C:\Users\HP\Downloads\Setup_FreeVideoConverter.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
|
