Polizei/Bundes-Trojaner
Hallo,
ich habe mir einen Polizeitrojaner eingefangen (Win Vista 32-bit) und benötige dringend Hilfe, damit ich weiterhin arbeiten kann.
Der "Trojanerbildschirm" mit den Kaufoptionen taucht etwa 30~45 sek. nach Login auf. Vorher kann ich z.B. noch den Taskmanager etc. öffnen. Auf dem Bildschirm werde ich aufgefordert 100€ zu bezahlen und ein Webcam-Stream ist ebenfalls zu sehen, obwohl ich keine besitze.
Ich möchte nebenbei erwähnen, dass neben Windows auch noch Linux Ubuntu installiert ist.
MWB Log-Datei: Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Datenbank Version: v2012.12.28.11
Windows Vista Service Pack 2 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Tei :: DOR [Administrator]
28.12.2012 22:36:21
mbam-log-2012-12-28 (22-36-21).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 589336
Laufzeit: 1 Stunde(n), 30 Minute(n), 9 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 4
C:\Program Files\Hotspot Shield\bin\fbw.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Tei\wgsdgsdgdsgsd.dll (Exploit.Drop.GS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Tei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk (Trojan.Ransom.SUGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
OTL Dateien
OTL.txt: Code:
OTL logfile created on: 29.12.2012 00:21:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tei\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 83,69% Memory free
6,20 Gb Paging File | 5,91 Gb Available in Paging File | 95,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,66 Gb Total Space | 8,40 Gb Free Space | 8,60% Space Free | Partition Type: NTFS
Drive D: | 158,34 Gb Total Space | 158,05 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
Drive G: | 368,10 Gb Total Space | 23,64 Gb Free Space | 6,42% Space Free | Partition Type: NTFS
Computer Name: DORDESKTOP | User Name: Tei | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.12.28 22:37:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tei\Desktop\OTL.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
========== Modules (No Company Name) ==========
MOD - [2011.07.18 22:04:08 | 000,296,448 | ---- | M] () -- C:\Programme\Notepad++\NppShell_04.dll
========== Services (SafeList) ==========
SRV - [2012.12.24 13:31:53 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.12.18 18:25:41 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.08 14:00:00 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.10.10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.08.24 03:25:56 | 000,683,696 | ---- | M] (Juniper Networks) [Auto | Stopped] -- C:\Programme\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.04 19:49:36 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Programme\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2012.04.11 01:06:10 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2012.04.11 00:59:14 | 000,542,552 | ---- | M] () [Auto | Stopped] -- C:\Programme\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012.04.02 19:46:58 | 000,329,544 | ---- | M] () [Auto | Stopped] -- C:\Programme\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011.11.15 19:26:48 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Stopped] -- C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011.07.20 04:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.06.29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011.06.17 08:33:46 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.04.21 18:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.04.21 18:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.04.11 07:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009.02.26 17:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Stopped] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA35B33A-A8A0-4CB2-A9E0-2C175B7E3159}\MpKsl14315c8f.sys -- (MpKsl14315c8f)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.10.10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.08.21 10:13:14 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012.04.09 13:27:18 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2012.01.05 00:01:58 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2012.01.05 00:01:54 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2011.08.10 15:39:48 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2011.04.30 13:00:20 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.04.30 13:00:18 | 000,039,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.04.30 13:00:06 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.01.13 03:17:18 | 000,106,752 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zghsmdm.sys -- (zghsmdm)
DRV - [2010.10.18 06:24:14 | 000,032,408 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\androidusb.sys -- (androidusb)
DRV - [2009.12.10 21:54:22 | 000,020,016 | ---- | M] (TigerGame.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Maypro.sys -- (MayPro)
DRV - [2009.04.11 06:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2009.03.25 15:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009.03.25 15:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009.03.25 15:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009.03.25 15:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009.03.25 15:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009.03.25 15:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009.03.25 15:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.12.04 22:55:40 | 000,217,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2008.11.26 19:20:38 | 000,030,816 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iqvw32.sys -- (NAL)
DRV - [2008.01.19 07:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.06.29 13:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2006.11.17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2006.11.02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.05.27 00:11:06 | 000,011,841 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw88rc5.sys -- (hcw88rc5)
DRV - [2006.04.01 01:14:58 | 000,299,715 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw88tse.sys -- (HCW88TSE)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B 65 1C CE 7C 2F CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{1B443DFF-BF27-4922-9CEC-761252A16CEE}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\..\SearchScopes\{67473310-0C17-4B50-912B-187D568CD0B1}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{BFE0873C-0C1F-45E0-9E92-E6AA97FD7028}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{E5A7B7B7-4E80-4A41-8079-E46FE1EE6C44}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.66.2
FF - prefs.js..extensions.enabledAddons: afurladvisor@anchorfree.com:1.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: G:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tei\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.05.20 14:12:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.05.20 14:12:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.12.28 17:59:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.09 11:13:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.08 13:59:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012.12.08 13:59:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.08 13:59:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012.12.08 13:59:54 | 000,000,000 | ---D | M]
[2011.04.03 18:28:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tei\AppData\Roaming\mozilla\Extensions
[2011.04.03 18:28:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tei\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.10.27 17:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tei\AppData\Roaming\mozilla\Firefox\Profiles\40bvf1uu.default\extensions
[2012.04.09 11:22:56 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Tei\AppData\Roaming\mozilla\Firefox\Profiles\40bvf1uu.default\extensions\battlefieldplay4free@ea.com
[2012.04.28 12:20:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.28 12:20:54 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
[2012.04.28 12:20:54 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\AFURLADVISOR@ANCHORFREE.COM
[2012.03.13 05:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.13 05:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.07.07 18:20:59 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.03.13 05:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
O1 HOSTS File: ([2012.12.28 17:49:45 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll (facemoods.com)
O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [amd_dc_opt] C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIHTU.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Tei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AWC - Verknüpfung.lnk = File not found
O4 - Startup: C:\Users\Tei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tei\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Tei\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Tei\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ssl.uni-duesseldorf.de/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C78A4A0E-8455-425D-98CF-F876280F8BDA}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Tei\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Tei\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.04.03 13:49:36 | 000,000,036 | ---- | M] () - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006.10.03 08:20:06 | 000,006,807 | ---- | M] () - C:\Autorun.ini -- [ NTFS ]
O32 - AutoRun File - [2006.08.07 10:48:26 | 000,265,078 | ---- | M] () - C:\AutoWire.bmp -- [ NTFS ]
O33 - MountPoints2\{7d5c6eb0-578e-11e0-aab1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7d5c6eb0-578e-11e0-aab1-806e6f6e6963}\Shell\AutoRun\command - "" = H:\RunGame.exe
O33 - MountPoints2\{9386443e-65e6-11e0-b17a-001d9222f063}\Shell - "" = AutoRun
O33 - MountPoints2\{9386443e-65e6-11e0-b17a-001d9222f063}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{e0e0b3ca-6509-11e0-ab44-001d9222f063}\Shell - "" = AutoRun
O33 - MountPoints2\{e0e0b3ca-6509-11e0-ab44-001d9222f063}\Shell\AutoRun\command - "" = K:\SETUP.EXE
O33 - MountPoints2\{e0e0b3ca-6509-11e0-ab44-001d9222f063}\Shell\configure\command - "" = K:\SETUP.EXE
O33 - MountPoints2\{e0e0b3ca-6509-11e0-ab44-001d9222f063}\Shell\install\command - "" = K:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.28 22:37:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tei\Desktop\OTL.exe
[2012.12.28 21:23:32 | 000,000,000 | -HSD | C] -- C:\found.000
[2012.12.25 17:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacBiophotonics ImageJ
[2012.12.25 17:42:50 | 000,000,000 | ---D | C] -- C:\MBF_ImageJ
[2012.12.23 20:01:31 | 000,000,000 | ---D | C] -- C:\Users\Tei\Desktop\Wohnung
[2012.12.22 12:35:53 | 000,000,000 | ---D | C] -- C:\Users\Tei\Documents\Corel
[2012.12.22 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Tei\Documents\Visual Studio 2008
[2012.12.22 12:34:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2012.12.22 12:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2012.12.22 12:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2012.12.22 12:31:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2012.12.22 12:31:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2012.12.22 12:28:33 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Corel
[2012.12.22 12:25:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6
[2012.12.22 12:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2012.12.22 12:23:21 | 000,000,000 | ---D | C] -- C:\ProgramData\CorelDRAW Graphics Suite X6
[2012.12.08 17:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1942
[2012.12.08 13:59:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Tei\Desktop\*.tmp files -> C:\Users\Tei\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.29 00:18:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.29 00:03:52 | 000,001,356 | ---- | M] () -- C:\Users\Tei\AppData\Local\d3d9caps.dat
[2012.12.28 23:06:37 | 000,302,592 | ---- | M] () -- C:\Users\Tei\Desktop\GMER.exe
[2012.12.28 22:37:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tei\Desktop\OTL.exe
[2012.12.28 22:36:10 | 000,722,904 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.28 22:36:10 | 000,674,604 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.28 22:36:10 | 000,160,544 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.28 22:36:10 | 000,131,662 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.28 22:34:54 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.28 22:00:04 | 000,003,264 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.28 22:00:04 | 000,003,264 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.28 21:06:09 | 000,465,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.28 18:41:43 | 000,002,964 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2012.12.28 18:27:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.28 18:03:28 | 000,000,212 | ---- | M] () -- C:\Users\Tei\Desktop\Legend of Grimrock.url
[2012.12.28 17:59:50 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.12.25 22:41:31 | 000,139,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.12.25 22:41:19 | 000,281,520 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012.12.25 22:39:09 | 000,280,904 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2012.12.25 17:43:17 | 000,001,398 | ---- | M] () -- C:\Users\Public\Desktop\MacBiophotonics ImageJ.lnk
[2012.12.23 19:59:22 | 000,199,168 | ---- | M] () -- C:\Users\Tei\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.22 12:26:01 | 000,000,884 | ---- | M] () -- C:\Users\Tei\.recently-used.xbel
[2012.12.15 14:57:06 | 000,000,944 | ---- | M] () -- C:\Users\Tei\Desktop\skse_loader - Verknüpfung.lnk
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.09 16:20:15 | 000,002,612 | ---- | M] () -- C:\Users\Tei\Documents\WoC2000.oc
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Tei\Desktop\*.tmp files -> C:\Users\Tei\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.28 23:06:36 | 000,302,592 | ---- | C] () -- C:\Users\Tei\Desktop\GMER.exe
[2012.12.28 22:34:54 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.28 18:41:43 | 000,002,964 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2012.12.28 18:03:28 | 000,000,212 | ---- | C] () -- C:\Users\Tei\Desktop\Legend of Grimrock.url
[2012.12.25 17:43:17 | 000,001,398 | ---- | C] () -- C:\Users\Public\Desktop\MacBiophotonics ImageJ.lnk
[2012.12.22 12:26:01 | 000,000,884 | ---- | C] () -- C:\Users\Tei\.recently-used.xbel
[2012.12.15 14:57:06 | 000,000,944 | ---- | C] () -- C:\Users\Tei\Desktop\skse_loader - Verknüpfung.lnk
[2012.12.12 22:24:57 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.12 22:24:57 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.09 00:19:10 | 000,002,612 | ---- | C] () -- C:\Users\Tei\Documents\WoC2000.oc
[2012.06.07 20:04:08 | 001,276,753 | ---- | C] () -- C:\Users\Tei\BF3Update_05_June-DE.rar
[2012.04.21 12:19:41 | 000,139,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.04.21 12:19:19 | 000,281,520 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012.04.21 12:19:18 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012.03.31 21:44:57 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat
[2012.03.30 09:26:11 | 1016,474,802 | ---- | C] () -- C:\Users\Tei\KoRn Live at Apollo 1999 [HD 720P Edit] Full show.mp4
[2012.02.26 16:47:23 | 000,094,322 | ---- | C] () -- C:\Users\Tei\AppData\Roaming\icarus-dxdiag.xml
[2012.02.15 11:31:32 | 000,840,264 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2012.02.13 11:20:57 | 000,000,374 | ---- | C] () -- C:\Users\Tei\Dokumente - Verknüpfung.lnk
[2012.01.20 14:18:54 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.01.13 11:58:09 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.06.08 16:02:02 | 000,314,973 | ---- | C] () -- C:\Users\Tei\german_dictionary-2.0.2-fx+tb+sm+fn.xpi
[2011.05.15 17:43:20 | 010,389,216 | ---- | C] () -- C:\Users\Tei\Infinity.zip
[2011.05.09 19:57:36 | 000,138,904 | ---- | C] () -- C:\Users\Tei\AppData\Roaming\PnkBstrK.sys
[2011.05.09 19:57:07 | 000,000,276 | ---- | C] () -- C:\Windows\game.ini
[2011.04.08 14:13:51 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.04.06 17:20:27 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.04.06 17:20:27 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.04.03 14:01:59 | 000,199,168 | ---- | C] () -- C:\Users\Tei\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.02 16:04:02 | 000,000,041 | ---- | C] () -- C:\Windows\System32\SUPPORT.INI
[2011.03.26 11:55:42 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2011.03.26 11:20:07 | 000,001,356 | ---- | C] () -- C:\Users\Tei\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.11.12 19:30:13 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\.purple
[2012.02.03 17:58:04 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\1&1 Mail & Media GmbH
[2011.07.06 17:02:12 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Amazon
[2012.06.18 20:51:26 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Bioshock
[2011.04.12 14:51:30 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\DAEMON Tools Lite
[2012.12.28 21:33:01 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Dropbox
[2012.02.09 11:34:51 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\DVDVideoSoft
[2011.07.15 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.06.24 15:00:22 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\enchant
[2012.12.22 11:26:22 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Epson
[2011.06.26 19:14:01 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\fltk.org
[2012.11.17 11:40:11 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\GSLBiotech
[2012.08.09 12:51:12 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\gtk-2.0
[2011.04.06 18:43:13 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Imagic403NMB
[2011.11.25 14:03:45 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\InfraRecorder
[2011.06.03 15:10:57 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\IrfanView
[2011.06.16 20:20:31 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Jaran Nilsen
[2012.12.23 18:53:39 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Juniper Networks
[2011.07.25 20:14:27 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Kalypso Media
[2011.07.29 13:38:43 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Laconic Software
[2011.04.04 19:33:00 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Leadertech
[2011.05.15 14:51:41 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\LolClient
[2012.04.23 15:36:49 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\LucasArts
[2011.11.28 16:40:32 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\molmol
[2012.04.24 11:28:05 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Notepad++
[2012.03.27 15:23:35 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\OnLive App
[2012.05.15 09:59:00 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Opera
[2012.12.03 20:43:04 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Origin
[2012.01.13 11:58:12 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\pdfforge
[2012.11.17 11:41:01 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\SnapGene Viewer
[2011.07.19 22:36:51 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\TerrariaWorldViewer
[2011.04.03 18:28:41 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\Thunderbird
[2011.05.18 19:01:42 | 000,000,000 | ---D | M] -- C:\Users\Tei\AppData\Roaming\TS3Client
========== Purity Check ==========
< End of report >
OTL Extras: Code:
OTL Extras logfile created on: 29.12.2012 00:21:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Teichert\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 83,69% Memory free
6,20 Gb Paging File | 5,91 Gb Available in Paging File | 95,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,66 Gb Total Space | 8,40 Gb Free Space | 8,60% Space Free | Partition Type: NTFS
Drive D: | 158,34 Gb Total Space | 158,05 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
Drive G: | 368,10 Gb Total Space | 23,64 Gb Free Space | 6,42% Space Free | Partition Type: NTFS
Computer Name: dorDESKTOP | User Name: Teichert | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{167BE5C0-BF6F-4429-9C97-AAF62FADE5AE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{DEEE9DDC-9888-4E24-B831-1B0011A3899D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B09886-D845-4A28-A795-1BBD544DFFD3}" = protocol=17 | dir=in | app=c:\users\teichert\appdata\roaming\dropbox\bin\dropbox.exe |
"{081B7F65-0A79-4810-9BF7-A0E02A0EA510}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\tom clancy's h.a.w.x - demo\hawx.exe |
"{0C2E276E-AA2F-4BD2-A69E-B761A71C118D}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\gotham city impostors\impostors.exe |
"{10DD4AA7-64AE-497C-BB7B-34CF3413FEDC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{11FC534F-9DFD-4F85-91C7-350FF738DC88}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\mortal kombat arcade kollection\binaries\win32\mkhdgame.exe |
"{171E5FD6-7F98-4763-96C9-0D4CBC0776B2}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{178C03D5-092D-46F5-BBA5-8CA1A406F8B5}" = protocol=6 | dir=in | app=g:\origingames\battlefield 3\bf3.exe |
"{17ECA885-CCD0-4D14-80C6-3EEEB8CD9FCD}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\dorxxl\counter-strike\hl.exe |
"{1BD3FC9C-484E-4867-A162-1AC1B62E686C}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{24779A3D-8039-4FBC-A6DF-F553F29CE29C}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\dorxxl\half-life\hl.exe |
"{27455D6E-115D-45C5-BAA8-FA8C30E15FA9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{278645C0-DFEC-4513-AFDD-0A660FDFF179}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2921B53B-7D3B-4807-A584-7B258DE24B20}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\cthulhu saves the world\cstw.exe |
"{2E2706EC-74B5-4703-B810-E780DA5F294D}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\dorxxl\half-life\hl.exe |
"{2EBC5115-1460-4838-B86E-57160874536B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{304E3B4B-E6ED-4754-84D3-60BF5D08DD03}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\limbo\limbo.exe |
"{3097DF7F-2169-4F40-A373-19FE968C3619}" = protocol=6 | dir=in | app=g:\programme\streetfighter4\ssfiv.exe |
"{314D4BDC-950F-4AA2-8FE2-2518FF1D950D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{32414B07-9F06-4D38-98E0-88202E896D13}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{378E8ABB-7729-4F35-BBB7-272CD18F0589}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\limbo\limbo.exe |
"{3A1C036B-1BEF-4E51-A810-585438B081A4}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{3C5AC7A9-25FD-41A7-B299-E7506AB1E1B4}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{3F3D07EF-C267-4ED3-BF07-7317C8507E3F}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{4999A9E8-D7B8-465B-BE78-25F08487ED8B}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\breath of death vii\bodviipc.exe |
"{49EC891C-9527-44C2-AF18-9E3111CAE2BE}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\mortal kombat arcade kollection\binaries\win32\mkhdgame.exe |
"{4EC26B49-C0F7-495F-B3A4-5CADC1AB152F}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\metro 2033\metro2033.exe |
"{56560E0E-D700-493F-B219-AFBA00A3AC90}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\tom clancy's h.a.w.x - demo\hawx.exe |
"{5B092615-E651-4ECA-8864-D44B6933978F}" = protocol=6 | dir=in | app=c:\users\teichert\appdata\roaming\dropbox\bin\dropbox.exe |
"{5B46247B-8D26-4406-9A29-CA5FBDC98C4F}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{5F8B6E4D-427B-41A4-B3F0-BC2604FFDEF7}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{600A9784-FCA2-48DE-8180-1385EE58284E}" = protocol=17 | dir=in | app=c:\program files\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{6316D554-8541-4F99-B6BC-54D5BCE1F5B9}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\cthulhu saves the world\cstw.exe |
"{63B0B923-3FF5-47B8-81CE-143C391B72BD}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\dino d-day\srcds.exe |
"{63C267C9-D1C3-442C-8F69-11840F22B36B}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{6514D6FA-C703-4D2E-9535-43604AC581A5}" = protocol=6 | dir=in | app=h:\network\epsonnetsetup\eneasyapp.exe |
"{68040E2E-D64A-4539-BED8-983FDA2D46BE}" = protocol=17 | dir=in | app=g:\programme\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{69201093-726F-463E-845C-828792898189}" = protocol=17 | dir=in | app=g:\programme\streetfighter4\ssfiv.exe |
"{6C29D1DC-DA1D-4F3E-A0A9-4EC9E417CC3B}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{6D1B312C-CF33-49E6-AD5E-3D0E0A73D9F2}" = protocol=6 | dir=in | app=g:\programme\cod\iw3mp.exe |
"{72438958-441B-4B42-8A2B-EA9EC27A5755}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\monkey2\monkey2.exe |
"{7E574467-2BB9-41CD-AC91-EDC0A1BA4E1E}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\breath of death vii\bodviipc.exe |
"{7FAAE047-A8BE-474A-B2DF-E8B525157EB2}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\darksiders\darksiderspc.exe |
"{7FB9C2EA-35B4-4128-BFD0-697F1BBDBB24}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\the binding of isaac\isaac.exe |
"{8883366E-A3B7-4BD4-8A0B-0DC0CFEFD5EA}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{8A2C480E-2358-4EBA-B7B8-7D4523CA46D5}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{8DCBBAD9-1285-4AFE-9B9D-A277CC75F949}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8E675A4D-4BDD-46EA-853C-CBF2911BA551}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\gotham city impostors\engine.exe |
"{8E9DC201-7EAE-44C7-ADA7-6D77BCA16A9A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{955C9C19-DF13-4532-B725-75CB01880C29}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{97A51991-9A4E-43F5-A669-382DB7C6BD13}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{993EDB39-C1EA-4187-A938-0F564BE70A15}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{99718D7D-56DE-414A-ACDA-33FD2F6DBEC8}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{99EB2CBF-6E8C-450E-8E9D-411879C59496}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{9AD2FDFB-86C9-42D0-B560-35A95BE5294D}" = protocol=6 | dir=in | app=g:\origingames\battlefield 1942\bf1942.exe |
"{9B4DA442-B576-44F3-815C-AD216D9E2D0C}" = protocol=17 | dir=in | app=g:\programme\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{9E947E9F-DB80-414D-9575-67605AA60BA1}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\dino d-day\srcds.exe |
"{9F49F2E9-6FAA-4D42-B148-3FF5DC403877}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\metro 2033\metro2033.exe |
"{A250C862-6F3A-44C3-9557-E20090119DBF}" = protocol=6 | dir=in | app=g:\programme\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{A392026E-6C08-4301-BF4B-CB3334476136}" = protocol=6 | dir=in | app=c:\program files\opera next\opera.exe |
"{AEBF6E98-E52B-4E85-98C3-13AC056B73CE}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{B3933591-ECBA-4CCF-8EC0-BC1CA8577F93}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\the binding of isaac\isaac.exe |
"{B904B663-ABC2-47D9-BF86-D334FCAC77DB}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{BA231127-A804-4E6F-9F16-287D9F157E5F}" = protocol=17 | dir=in | app=c:\program files\opera next\opera.exe |
"{BCF4FF55-4BB2-4810-87DC-F9A93E07FE07}" = protocol=6 | dir=in | app=c:\program files\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{C529DEF7-3525-4713-9B25-699B14629401}" = protocol=17 | dir=in | app=g:\origingames\battlefield 1942\bf1942.exe |
"{C530D2CC-4FE1-47A3-9ED1-9AC89BFE2E40}" = protocol=17 | dir=in | app=g:\origingames\battlefield 3\bf3.exe |
"{C7CC7493-23E5-4C9B-BA6A-D30B73E35FC7}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{C83D90EE-14CA-4E0E-B18B-764196F70A5E}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\darksiders\darksiderspc.exe |
"{C9AAAC4F-2BF4-421D-B1F8-7E25F872BEF0}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{CCFECC5C-D915-4115-AB4F-0F48FA0B7E90}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CDA7FC4D-420A-4795-B531-4CC3AC1225B4}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\gotham city impostors\engine.exe |
"{CF837173-CFD5-4A3D-9780-B6A414F4BA0A}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\dorxxl\counter-strike\hl.exe |
"{D43227AE-D70E-4B27-8A6A-6C4D43A18100}" = protocol=17 | dir=in | app=g:\programme\steam\steam.exe |
"{D48E51CD-D529-4CCD-82F2-515A25EF7D91}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{D56F1CA8-E6F3-468E-B6EA-1C876D49459A}" = protocol=6 | dir=in | app=g:\programme\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{D8A4523B-47FE-4524-B96F-1C6FB8FC278B}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{D8E98D77-599D-42CB-9F7C-C1B0CB2C82AD}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DFB74804-CC86-4AB0-9CD2-0901A877C008}" = protocol=17 | dir=in | app=h:\network\epsonnetsetup\eneasyapp.exe |
"{E17E660D-0034-4727-9AF4-3F87F59C1E36}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E1B3BBBC-1D16-4807-970A-BAB874B7446C}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{E9AA5895-DF1F-43FD-A46E-4F87557F90B9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{EAE20100-CE0E-4870-89C2-33E28C492AB4}" = protocol=6 | dir=in | app=g:\programme\steam\steam.exe |
"{ED8045A9-E887-49DF-A81F-3F17357725A3}" = protocol=17 | dir=in | app=g:\programme\cod\iw3mp.exe |
"{EEC76FD1-B260-4E6A-ABA5-AFC6A28C6B3D}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\gotham city impostors\impostors.exe |
"{F7C6405E-8A56-4B35-BB70-5DCBE93248B0}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{F7E69213-B9D7-41EC-BF67-04265E5429C6}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\monkey2\monkey2.exe |
"{F985A2E1-2FCF-4FFA-A74B-CDC06C1D1F98}" = dir=in | app=g:\programme\itunes\itunes.exe |
"{FA86F671-8B24-41D2-95A0-890DFB444380}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{00986356-A0FF-4B53-8B5B-ADB35C66C0AF}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{0467D0B5-C2BF-4542-A483-6E36DDFEFCDE}G:\programme\steam\steamapps\dorxxl\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\dorxxl\team fortress 2\hl2.exe |
"TCP Query User{17DFBF62-4F15-4177-9F29-D2FAAA92769F}C:\program files\electronic arts\dead space\dead space.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\dead space\dead space.exe |
"TCP Query User{37ECAC2A-5FF3-4490-BFDD-21270866B50A}C:\program files\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files\pidgin\pidgin.exe |
"TCP Query User{39CA1830-47AA-490B-AE1C-816DCBDDA89C}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{3FA65EE8-8E54-442F-9EA0-04E5A0FF7EAD}G:\programme\steam\steamapps\common\metro 2033\metro2033benchmark.exe" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\metro 2033\metro2033benchmark.exe |
"TCP Query User{4A6991A1-14E7-4B64-9645-A9882A935504}C:\program files\dc software\dl10xp.exe" = protocol=6 | dir=in | app=c:\program files\dc software\dl10xp.exe |
"TCP Query User{534C9153-EF77-416A-90CD-F325A29DC245}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{56065543-7797-48B6-B1F2-D92065D3FF17}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{80C3F805-5892-4F37-90AC-0FD586AF6F75}C:\program files\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files\pidgin\pidgin.exe |
"TCP Query User{846E3408-1782-402A-BFD9-0DC4D094AD59}G:\programme\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=g:\programme\tmnationsforever\tmforever.exe |
"TCP Query User{93C4F269-63A0-4D3F-B997-FA05035FC608}C:\users\teichert\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\teichert\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{A744686A-8206-42C9-9254-6BE88330A8CA}C:\program files\dc software\dl10xp.exe" = protocol=6 | dir=in | app=c:\program files\dc software\dl10xp.exe |
"TCP Query User{B145B549-E926-4704-8784-9255E58B2BBF}G:\programme\aoe\empires2.icd" = protocol=6 | dir=in | app=g:\programme\aoe\empires2.icd |
"TCP Query User{B63997CE-ED49-4783-9200-3D2B5DC88604}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{BA246211-6296-4178-9062-D7844E3F19FC}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{D05B78B2-876A-4E3A-8746-3526EE94D97D}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{DC90014E-6951-4F14-8321-1B5BBFCF9E9A}G:\programme\fallout3\fallout3ng.exe" = protocol=6 | dir=in | app=g:\programme\fallout3\fallout3ng.exe |
"TCP Query User{DE539CE6-7B50-4921-BB9E-EB65E42FCF1B}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"TCP Query User{DE640C24-1CBB-4D73-86AD-0ABED0CD1B52}G:\programme\steam\steamapps\dorxxl\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\dorxxl\counter-strike source\hl2.exe |
"UDP Query User{0BA16E64-908D-4149-87C4-1FE2677CB917}G:\programme\steam\steamapps\dorxxl\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\dorxxl\team fortress 2\hl2.exe |
"UDP Query User{130CB730-17B6-43DC-9435-5374EC41BDA8}G:\programme\steam\steamapps\dorxxl\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\dorxxl\counter-strike source\hl2.exe |
"UDP Query User{258447D8-3698-4526-B71C-B53C05E7570B}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{2756F946-1D63-4896-AAB9-D1E2D2167195}G:\programme\aoe\empires2.icd" = protocol=17 | dir=in | app=g:\programme\aoe\empires2.icd |
"UDP Query User{39257BEC-A94A-4DBD-9571-E4B16815FD7C}G:\programme\fallout3\fallout3ng.exe" = protocol=17 | dir=in | app=g:\programme\fallout3\fallout3ng.exe |
"UDP Query User{3AB46CA7-4CE9-4044-8F29-75CBBEE2B6B7}C:\program files\electronic arts\dead space\dead space.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\dead space\dead space.exe |
"UDP Query User{458C132A-92E6-4F3F-913A-F3AF007477A2}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{48EB4463-2859-4A02-BF3D-AF3EAA739391}C:\program files\dc software\dl10xp.exe" = protocol=17 | dir=in | app=c:\program files\dc software\dl10xp.exe |
"UDP Query User{55EE4341-1E78-4EF6-899F-E0DC339D6640}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6F718A26-A44C-491E-BB9F-5F316BC473ED}C:\program files\dc software\dl10xp.exe" = protocol=17 | dir=in | app=c:\program files\dc software\dl10xp.exe |
"UDP Query User{841FAFDA-D062-4A47-99F2-4FE8B9589830}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"UDP Query User{934DC820-5B07-427C-A5C6-C8D913A135E6}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{9B1078E8-9C96-4A20-BCF5-2F1401C8F6AD}G:\programme\steam\steamapps\common\metro 2033\metro2033benchmark.exe" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\metro 2033\metro2033benchmark.exe |
"UDP Query User{AAA686DF-6DAD-4F34-99B5-D9D2DDC349D6}C:\users\teichert\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\teichert\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{B071989F-482D-418E-A38F-437CEC93581A}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{B11E6882-70A8-40D6-BACE-3CC0B181A0C4}C:\program files\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files\pidgin\pidgin.exe |
"UDP Query User{C2403338-0BB9-42FA-A118-629F551FCF23}G:\programme\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=g:\programme\tmnationsforever\tmforever.exe |
"UDP Query User{D5787C21-B2E3-4BCB-94CC-C6E94D006951}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{D6329CDD-A7DE-4BE7-85DD-CA20EABCDD55}C:\program files\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files\pidgin\pidgin.exe |
"UDP Query User{EE26FA68-A3FB-423C-BD9A-9954D9161D8E}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6
"_{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0084B0C3-F376-42E3-804A-885D249282BD}" = CorelDRAW Graphics Suite X6 - IPM
"{01339AE5-04D4-43F8-008E-13AD788DC4F7}" = SimCity 4
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}" = Microsoft Application Compatibility Toolkit 5.6
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{169ADA4A-8079-4CD8-8E20-030B1A54E552}" = CorelDRAW Graphics Suite X6 - DE
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25D69CEE-3EE2-47FD-9A0E-5013240EC953}" = CorelDRAW Graphics Suite X6 - Common
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A708B4E-B226-4EBB-AA55-639C17E7939E}" = DC Software
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{318FF3D7-0C40-483B-AF92-AF36416B0AC6}" = CorelDRAW Graphics Suite X6 - Writing Tools
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3f81319b-b4a2-46d5-a8df-af8615e9fb37}.sdb" = Fallout3
"{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition
"{43430FA0-4A2E-404A-B715-951000038101}" = SUPER STREET FIGHTER IV: ARCADE EDITION
"{43430FA0-4A2E-404A-B715-951000048101}" = SUPER STREET FIGHTER IV: ARCADE EDITION
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6 - Setup Files
"{55648b1f-943b-45c5-8ef0-811156735f2e}.sdb" = REG
"{579CA850-B2C3-43F3-A3F6-3A0AE42E8225}" = CorelDRAW Graphics Suite X6 - FontNav
"{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}" = TES Construction Set
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray Version 0.6
"{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}" = Battlefield 1942™
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{603C6570-2BA1-4FC6-8735-7EFA6D1F6F61}" = CorelDRAW Graphics Suite X6 - Custom Data
"{62BEC144-7029-4BF4-B3F2-FA231FB9F84B}" = CorelDRAW Graphics Suite X6 - Redist
"{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}" = Battlefield 3™
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6F53FB68-6620-423E-B7CD-B8205655B421}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74FA94F1-9566-4252-9372-E7EAFFEFE209}" = CorelDRAW Graphics Suite X6 - Capture
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777AD08E-B32A-4456-AFE1-094DBECEB268}" = Intel(R) Network Connections 13.5.32.0
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79A2AB22-00D8-4F09-A00A-F1CB7DB3E916}_is1" = Penumbra
"{7A2FF332-E4F6-4D87-9EBD-EDFF1216490F}" = CorelDRAW Graphics Suite X6 - Filters
"{7CCD75BD-5528-4FE1-90D2-392D661A2BF1}" = CorelDRAW Graphics Suite X6 - VSTA
"{7F9F6864-8CAB-440C-AF44-030D0135666D}" = CorelDRAW Graphics Suite X6
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{879E2460-18F9-48F2-B736-4E814A699504}" = CorelDRAW Graphics Suite X6 - VBA
"{8944ED10-DBF2-4FA9-8B5D-D7E1B046C761}_is1" = ColdCut
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EF200A3-1CAC-462E-990B-EC902279BAAA}" = Microsoft Visual Basic for Applications 7.1 (x86) German
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{C5262276-0075-498B-B80F-7D997482E4DB}" = CorelDRAW Graphics Suite X6 - Draw
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CC4BBCBA-89F6-47C3-9B0F-5CE5BB1C316C}" = WEB.DE Toolbar MSVC100 CRT x86
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF55095E-07AA-432E-8376-CEF71D70746A}_is1" = Vampires Dawn: Reign of Blood
"{D4A17D31-2F7B-4682-AD57-467021452909}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin
"{D4EFC6B7-3DA5-400D-9682-9BE287A5440E}" = CorelDRAW Graphics Suite X6 - Connect
"{DDFEB503-D662-4224-82C9-37A5698FDC25}" = CorelDRAW Graphics Suite X6 - VideoBrowser
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.16
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E728441A-7820-4B1C-87C9-DE7BE37B2953}" = Download Navigator
"{E8F5F4AB-512F-44EB-9018-3C527AF6A717}" = Irodio Photo & Video Studio
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.02.002
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}" = Epson Event Manager
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFF841F3-9A15-4F61-BD16-C19F132E5A27}" = Epson Easy Photo Print 2
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE Toolbar für Internet Explorer
"5513-1208-7298-9440" = JDownloader 0.9
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Empires 2.0" = Microsoft Age of Empires II
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"Desura" = Desura
"D-Fend Reloaded" = D-Fend Reloaded 1.3.1 (deinstallieren)
"Digital Editions" = Adobe Digital Editions
"DivX Setup.divx.com" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON BX535WD Series" = Druckerdeinstallation für EPSON BX535WD Series
"EPSON BX535WD Series Netg" = Netzwerkhandbuch EPSON BX535WD Series
"EPSON BX535WD Series Useg" = Benutzerhandbuch EPSON BX535WD Series
"EPSON Scanner" = EPSON Scan
"ESN Sonar-0.70.4" = ESN Sonar
"facemoods" = Facemoods Toolbar
"Free Fire Screensaver" = Free Fire Screensaver
"Free YouTube Download_is1" = Free YouTube Download version 3.0.19.1206
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"FXAA Post Process Injector" = FXAA Post Process Injector
"GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition
"HotspotShield" = Hotspot Shield 2.53
"InfraRecorder" = InfraRecorder
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Juniper Network Connect 7.1.8" = Juniper Networks Network Connect 7.1.8
"Juniper Network Connect 7.2.0" = Juniper Networks Network Connect 7.2.0
"MacBiophotonics ImageJ_is1" = Uninstall_ImageJ
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mayflash Wii Classic Controller Box_is1" = Mayflash Wii Classic Controller Box
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"Mozilla Thunderbird 17.0 (x86 de)" = Mozilla Thunderbird 17.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Opera 12.12.1707" = Opera 12.12
"Origin" = Origin
"Pidgin" = Pidgin
"PROSetDX" = Intel(R) Network Connections 13.5.32.0
"PunkBusterSvc" = PunkBuster Services
"Riot-plugin" = Riot plugin
"RPGAdvocates_RTP_1.0" = Common RTP 1.0
"SnapGene Viewer" = SnapGene Viewer
"sp6" = Logitech SetPoint 6.30
"Steam App 10" = Counter-Strike
"Steam App 105600" = Terraria
"Steam App 107300" = Breath of Death VII
"Steam App 107310" = Cthulhu Saves the World
"Steam App 113200" = The Binding Of Isaac
"Steam App 205350" = Mortal Kombat Kollection
"Steam App 207170" = Legend of Grimrock
"Steam App 21170" = Gotham City Impostors
"Steam App 21930" = Tom Clancy's H.A.W.X. - Demo
"Steam App 22380" = Fallout: New Vegas
"Steam App 240" = Counter-Strike: Source
"Steam App 32460" = Monkey Island 2: Special Edition
"Steam App 43110" = Metro 2033
"Steam App 440" = Team Fortress 2
"Steam App 48000" = LIMBO
"Steam App 50620" = Darksiders
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 7670" = BioShock
"Steam App 8980" = Borderlands
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Terranigma 2 - The Contiunance Demo 0.8.1" = Terranigma 2 - The Contiunance Demo 0.8.1
"UltraISO_is1" = UltraISO Premium V9.52
"VLC media player" = VLC media player 1.1.8
"WinGimp-2.0_is1" = GIMP 2.6.11
"X10Hardware" = X10 Hardware(TM)
"ZMBV" = Zip Motion Block Video codec (Remove Only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Dropbox" = Dropbox
"iTunes Agent 1.3.4" = iTunes Agent 1.3.4
"Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client
"Simple Viewer" = Simple Viewer
"UnityWebPlayer" = Unity Web Player
"WinSetupFromUSB" = WinSetupFromUSB
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 28.12.2012 17:00:22 | Computer Name = dorDesktop | Source = Windows Search Service | ID = 3029
Description =
Error - 28.12.2012 17:00:22 | Computer Name = dorDesktop | Source = Windows Search Service | ID = 3028
Description =
Error - 28.12.2012 17:00:22 | Computer Name = dorDesktop | Source = Windows Search Service | ID = 3058
Description =
Error - 28.12.2012 17:01:28 | Computer Name = dorDesktop | Source = ESENT | ID = 489
Description = Windows (3756) Windows: Versuch, Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log"
für den Lesezugriff zu öffnen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert
" fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 28.12.2012 17:01:28 | Computer Name = dorDesktop | Source = ESENT | ID = 455
Description = Windows (3756) Windows: Fehler -1032 (0xfffffbf8) beim Öffnen von
Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log.
Error - 28.12.2012 17:01:38 | Computer Name = dorDesktop | Source = ESENT | ID = 489
Description = Windows (3756) Windows: Versuch, Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log"
für den Lesezugriff zu öffnen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert
" fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 28.12.2012 17:01:38 | Computer Name = dorDesktop | Source = ESENT | ID = 455
Description = Windows (3756) Windows: Fehler -1032 (0xfffffbf8) beim Öffnen von
Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log.
Error - 28.12.2012 17:01:38 | Computer Name = dorDesktop | Source = Windows Search Service | ID = 9000
Description =
Error - 28.12.2012 17:01:38 | Computer Name = dorDesktop | Source = Windows Search Service | ID = 1006
Description =
Error - 28.12.2012 17:20:04 | Computer Name = dorDesktop | Source = EventSystem | ID = 4609
Description =
[ System Events ]
Error - 28.12.2012 17:33:06 | Computer Name = dorDesktop | Source = DCOM | ID = 10005
Description =
Error - 28.12.2012 17:33:10 | Computer Name = dorDesktop | Source = Service Control Manager | ID = 7001
Description =
Error - 28.12.2012 17:33:10 | Computer Name = dorDesktop | Source = Service Control Manager | ID = 7026
Description =
Error - 28.12.2012 19:15:50 | Computer Name = dorDesktop | Source = DCOM | ID = 10005
Description =
Error - 28.12.2012 19:19:21 | Computer Name = dorDesktop | Source = DCOM | ID = 10005
Description =
Error - 28.12.2012 19:19:35 | Computer Name = dorDesktop | Source = DCOM | ID = 10005
Description =
Error - 28.12.2012 19:19:38 | Computer Name = dorDesktop | Source = DCOM | ID = 10005
Description =
Error - 28.12.2012 19:19:57 | Computer Name = dorDesktop | Source = DCOM | ID = 10005
Description =
Error - 28.12.2012 19:20:02 | Computer Name = dorDesktop | Source = Service Control Manager | ID = 7001
Description =
Error - 28.12.2012 19:20:02 | Computer Name = dorDesktop | Source = Service Control Manager | ID = 7026
Description =
< End of report >
(GMER ist während des Scans abgestürzt (PC war vom Internet getrennt))
Bitte helft mir! Ich brauche den Rechner dringend für die Uni :( |
AdwCleaner auf deinen Desktop.