jetzt aber!
hier die txt files:
OTL.Txt
OTL Logfile: Code:
OTL logfile created on: 15.06.2010 15:37:25 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16643)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.022,00 Mb Total Physical Memory | 188,00 Mb Available Physical Memory | 18,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,04 Gb Total Space | 72,56 Gb Free Space | 51,45% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***-PC
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Programme\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Programme\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Programme\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
PRC - C:\Programme\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\TCPSVCS.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (NMIndexingService) -- File not found
SRV - (Nero BackItUp Scheduler 4.0) -- File not found
SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (LiveUpdate Notice Ex) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (simptcp) -- C:\Windows\System32\TCPSVCS.EXE (Microsoft Corporation)
SRV - (ISPwdSvc) -- C:\Program Files\Norton Internet Security\isPwdSvc.exe (Symantec Corporation)
SRV - (comHost) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)
SRV - (SymAppCore) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)
========== Driver Services (SafeList) ==========
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (FETND6V) -- C:\Windows\System32\drivers\fetnd6v.sys (VIA Technologies, Inc. )
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (UsbSagCom) -- C:\Windows\System32\drivers\UsbSagCom.sys (Sagem Communication)
DRV - (pfc) -- C:\Windows\System32\drivers\pfc.sys (Padus, Inc.)
DRV - (motmodem) -- C:\Windows\System32\drivers\motmodem.sys (Motorola)
DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20070612.005\IDSvix86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070626.017\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070626.017\NAVENG.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (PRISM_A02) -- C:\Windows\System32\drivers\PRISMA02.sys (Conexant Systems, Inc.)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Avc) -- C:\Windows\System32\drivers\avc.sys (Microsoft Corporation)
DRV - (61883) -- C:\Windows\System32\drivers\61883.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\Windows\System32\drivers\msdv.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMFW) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS) -- C:\Windows\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMNDISV) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMDNS) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (ovt530) -- C:\Windows\System32\drivers\ov530vid.sys (OmniVision Technologies, Inc.)
DRV - (ASPI) -- C:\Windows\System32\drivers\ASPI32.SYS (Adaptec)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1008\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4039198485-1440016021-4218304769-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {B9C8BE50-7105-4ec6-8FB4-4935C0671648}:0.5.995
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..network.proxy.backup.ftp: "80.216.254.79"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.gopher: "80.216.254.79"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "80.216.254.79"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "80.216.254.79"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "92.52.125.20"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher: "92.52.125.20"
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http: "92.52.125.20"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "92.52.125.20"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "92.52.125.20"
FF - prefs.js..network.proxy.ssl_port: 80
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.11 09:48:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.13 16:00:04 | 000,000,000 | ---D | M]
[2009.01.27 14:00:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.06.14 18:42:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\47qonp7q.default\extensions
[2010.02.17 13:10:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\47qonp7q.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
[2010.04.20 16:44:16 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\47qonp7q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.04.07 16:36:52 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\47qonp7q.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.04.20 16:44:38 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\47qonp7q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.04.27 15:34:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\47qonp7q.default\extensions\youtube2mp3@mondayx.de
[2010.04.11 09:48:01 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2007.08.16 12:11:57 | 000,000,000 | ---D | M] (MeMedia) -- C:\Programme\Mozilla Firefox\extensions\{A89AED22-9133-424c-88E7-C8235C5FF302}
[2007.11.23 14:43:00 | 000,000,000 | ---D | M] (Preispiraten) -- C:\Programme\Mozilla Firefox\extensions\{C8D3D3BE-7ADC-4109-BF8C-6330A9F58B0C}
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2008.01.25 14:45:37 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4039198485-1440016021-4218304769-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4039198485-1440016021-4218304769-1004\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ccApp] C:\Programme\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Nokia FastStart] C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4039198485-1440016021-4218304769-1008..\Run: [audihCfg] C:\Users\***~1.VAL\AppData\Local\Temp\krnlutou.DLL File not found
O4 - HKLM..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Uninstall Adobe Download Manager] File not found
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/VistaMSNPUpldde-de.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2006.11.02 13:18:47 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ccApp - hkey= - key= - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {26BA5E62-D8F4-F6FD-6DBC-69007C1837EA} - Microsoft Windows Media Player
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {35DEB72D-C666-3498-3CD2-3ABDAAD7990C} - Microsoft Windows Media Player 11.0
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {591C141C-8450-7EA4-66AE-E73A6F4BECD2} - Microsoft Windows Media Player
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E4066320-E4AE-11CF-B1B0-00AA00BBAD66} - rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserRemove
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.ACDV - C:\Windows\System32\ACDV.dll (ACD Systems)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\Windows\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010.06.05 13:10:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\FLVService
[2010.06.05 13:10:44 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Ask and Record Toolbar
[2010.06.05 13:10:28 | 000,000,000 | ---D | C] -- C:\Windows\Ask & Record Toolbar
[2010.06.05 13:10:28 | 000,000,000 | ---D | C] -- C:\Programme\Ask & Record Toolbar
[2010.06.04 11:22:55 | 000,000,000 | ---D | C] -- C:\Programme\Free Music Zilla
[2010.06.04 10:27:36 | 000,000,000 | ---D | C] -- C:\Users\***\.junique
[2010.06.04 10:27:09 | 000,000,000 | ---D | C] -- C:\Programme\VMLoad
[2010.06.04 10:27:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\VMLoad
[2010.05.25 16:41:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\VoipStunt
[2010.05.23 19:50:31 | 000,000,000 | ---D | C] -- C:\Programme\S.A.D
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.15 15:46:00 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{DB5343E8-CE70-4E94-976A-8D34384E77BC}.job
[2010.06.15 15:46:00 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8C05DB01-6074-4D5C-92B6-D16946A8B3E8}.job
[2010.06.15 15:46:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{20FBBBAF-D884-47B0-A5AF-4ECCFF744CA7}.job
[2010.06.15 15:37:30 | 004,980,736 | ---- | M] () -- C:\Users\***\ntuser.dat
[2010.06.15 15:32:07 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.15 15:32:07 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.15 15:31:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Erweiterte Garantie.job
[2010.06.15 15:19:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4039198485-1440016021-4218304769-1004UA.job
[2010.06.15 15:19:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4039198485-1440016021-4218304769-1004Core.job
[2010.06.15 15:11:00 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4039198485-1440016021-4218304769-1002UA.job
[2010.06.15 15:04:31 | 003,626,418 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.06.15 14:32:11 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.15 14:31:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.15 14:31:14 | 1072,160,768 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.14 21:30:17 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2CCE29E0-DED1-4B8D-918E-6D1D7DEA7149}.job
[2010.06.14 19:44:17 | 000,104,546 | ---- | M] () -- C:\Users\***\Desktop\***jsjd.flp
[2010.06.14 19:11:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4039198485-1440016021-4218304769-1002Core.job
[2010.06.11 22:16:32 | 000,000,526 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Vollständige Systemprüfung ausführen - ***.job
[2010.06.11 21:21:56 | 000,002,050 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk
[2010.06.10 14:13:11 | 001,289,891 | ---- | M] () -- C:\Users\***\Desktop\***Beat.mp3
[2010.06.10 14:11:03 | 000,326,457 | ---- | M] () -- C:\Users\***\Desktop\***Beat.flp
[2010.06.10 14:11:03 | 000,326,457 | ---- | M] () -- C:\Users\***\Desktop\***Beat - Kopie.flp
[2010.06.10 14:09:51 | 002,305,113 | ---- | M] () -- C:\Users\***\Desktop\***beat18.mp3
[2010.06.10 10:40:33 | 000,100,224 | ---- | M] () -- C:\Users\***\Desktop\***.flp
[2010.06.02 21:56:35 | 000,142,224 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.01 13:38:33 | 000,680,784 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.06.01 13:38:33 | 000,643,144 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.01 13:38:33 | 000,134,374 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.06.01 13:38:33 | 000,118,348 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.01 13:38:32 | 001,569,768 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.30 08:44:07 | 001,808,112 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.25 17:34:21 | 003,680,830 | ---- | M] () -- C:\Users\***\Desktop\Smajl Puraj - 5.wma
[2010.05.25 17:33:58 | 003,836,206 | ---- | M] () -- C:\Users\***\Desktop\Smajl Puraj - 4.wma
[2010.05.25 17:33:32 | 003,411,910 | ---- | M] () -- C:\Users\***\Desktop\Smajl Puraj - 3.wma
[2010.05.25 17:33:07 | 002,724,670 | ---- | M] () -- C:\Users\***\Desktop\Smajl Puraj - 2.wma
[2010.05.25 17:32:45 | 003,011,518 | ---- | M] () -- C:\Users\***\Desktop\Smajl Puraj - 1 Avanturiste.wma
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.13 11:23:38 | 000,104,546 | ---- | C] () -- C:\Users\***\Desktop\***jsjd.flp
[2010.06.10 15:17:07 | 000,326,457 | ---- | C] () -- C:\Users\***\Desktop\***Beat - Kopie.flp
[2010.06.10 14:08:40 | 002,305,113 | ---- | C] () -- C:\Users\***\Desktop\***beat18.mp3
[2010.06.10 11:59:11 | 001,289,891 | ---- | C] () -- C:\Users\***\Desktop\***Beat.mp3
[2010.05.25 17:33:58 | 003,680,830 | ---- | C] () -- C:\Users\***\Desktop\*** - 5.wma
[2010.05.25 17:33:32 | 003,836,206 | ---- | C] () -- C:\Users\***\Desktop\*** - 4.wma
[2010.05.25 17:33:07 | 003,411,910 | ---- | C] () -- C:\Users\***\Desktop\*** - 3.wma
[2010.05.25 17:32:45 | 002,724,670 | ---- | C] () -- C:\Users\***\Desktop\*** - 2.wma
[2010.05.25 17:32:28 | 003,011,518 | ---- | C] () -- C:\Users\***\Desktop\*** - 1 Avanturiste.wma
[2010.05.20 16:47:45 | 000,100,224 | ---- | C] () -- C:\Users\***\Desktop\***.flp
[2009.11.15 17:11:01 | 005,423,104 | ---- | C] () -- C:\Windows\System32\tlpsplib10.dll
[2009.11.05 15:06:50 | 000,688,128 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2009.11.05 15:06:50 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2009.01.20 14:07:31 | 000,118,784 | ---- | C] () -- C:\Windows\System32\mp3dec.dll
[2008.11.22 20:41:24 | 000,362,029 | ---- | C] () -- C:\Windows\System32\SQLite3.dll
[2008.10.08 12:30:33 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2008.03.08 12:21:09 | 000,383,238 | ---- | C] () -- C:\Windows\System32\libmp3lame-0.dll
[2008.01.02 17:33:37 | 000,000,114 | ---- | C] () -- C:\Windows\ae_mini.INI
[2008.01.02 17:33:12 | 000,000,554 | ---- | C] () -- C:\Windows\smrpro.INI
[2007.11.24 15:36:48 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.10.14 14:18:33 | 000,000,057 | ---- | C] () -- C:\Windows\wininit.ini
[2007.09.17 14:58:29 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2007.08.31 15:00:52 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.08.31 15:00:38 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.07.05 16:50:58 | 000,000,091 | ---- | C] () -- C:\Windows\fpxpress.ini
[2007.06.30 13:20:39 | 000,003,654 | ---- | C] () -- C:\Windows\System32\drivers\Sonyhcp.dll
[2007.06.26 17:57:59 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.05.18 12:05:24 | 000,000,067 | ---- | C] () -- C:\Windows\AVIConverter.INI
[2007.03.29 18:27:47 | 000,000,000 | ---- | C] () -- C:\Windows\AudioDVD.INI
[2007.03.17 13:57:55 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2006.11.21 18:58:48 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.01 10:57:24 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2006.10.27 09:26:56 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll
[2006.07.04 10:11:06 | 000,002,045 | -H-- | C] () -- C:\Windows\System32\whlb32g.dll
[2006.06.01 21:06:00 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2006.02.26 11:08:28 | 000,585,728 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
========== LOP Check ==========
[2009.06.02 16:38:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Any Video Converter
[2010.04.25 19:43:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2009.12.29 17:19:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeFLVConverter
[2009.10.16 15:17:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ImgBurn
[2008.10.08 12:33:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2008.09.05 18:10:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mp3tag
[2008.09.02 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Music Recognition
[2010.04.20 17:30:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nokia
[2008.09.02 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nvu
[2008.09.02 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera
[2009.02.18 19:07:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Orbit
[2010.04.21 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Packard Bell
[2009.02.06 17:32:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Teeworlds
[2009.05.03 15:55:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thinstall
[2009.01.09 16:26:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2010.06.04 11:22:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VMLoad
[2009.02.26 17:03:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VoipCheapCom
[2008.12.10 16:02:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VoipRaider
[2010.05.25 16:58:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VoipStunt
[2010.06.14 16:43:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2010.06.04 11:23:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FMZilla
[2008.10.08 20:22:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2008.09.02 15:09:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mp3tag
[2010.05.31 16:50:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nokia
[2009.06.20 15:08:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC Suite
[2009.04.02 14:01:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thinstall
[2010.06.04 11:15:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VMLoad
[2010.05.25 16:34:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VoipCheapCom
[2007.06.26 18:50:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ACD Systems
[2009.06.22 20:39:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2007.03.17 19:54:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ Toolbar
[2009.02.10 15:08:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Orbit
[2008.07.19 20:03:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Packard Bell
[2010.03.08 20:01:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC Suite
[2008.11.11 19:34:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Teeworlds
[2007.12.09 10:16:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2008.08.04 12:10:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VoipCheapCom
[2010.06.15 15:31:00 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\Erweiterte Garantie.job
[2010.06.15 13:05:23 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.06.15 15:46:00 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{20FBBBAF-D884-47B0-A5AF-4ECCFF744CA7}.job
[2010.06.14 21:30:17 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2CCE29E0-DED1-4B8D-918E-6D1D7DEA7149}.job
[2010.06.15 15:46:00 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{8C05DB01-6074-4D5C-92B6-D16946A8B3E8}.job
[2010.06.15 15:46:00 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{DB5343E8-CE70-4E94-976A-8D34384E77BC}.job
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.05.29 18:20:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe
[2009.06.02 16:38:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Any Video Converter
[2008.11.16 19:36:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ArcSoft
[2009.06.19 15:46:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DivX
[2010.05.14 17:09:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\dvdcss
[2010.04.25 19:43:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2009.12.29 17:19:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeFLVConverter
[2009.10.16 15:17:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ImgBurn
[2008.09.02 15:28:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Macromedia
[2008.10.08 12:33:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2008.09.12 16:43:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Media Player Classic
[2009.05.21 11:20:39 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft
[2008.12.18 15:28:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mIRC
[2009.01.27 14:00:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mozilla
[2008.09.05 18:10:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mp3tag
[2008.09.02 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Music Recognition
[2008.09.02 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\NCH Software
[2010.04.20 17:30:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nokia
[2008.09.02 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nvu
[2008.09.02 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera
[2009.02.18 19:07:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Orbit
[2010.04.21 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Packard Bell
[2008.09.02 15:17:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Roxio
[2010.06.10 14:21:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Skype
[2010.06.10 11:59:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\skypePM
[2009.02.06 17:32:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Teeworlds
[2009.05.03 15:55:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thinstall
[2009.01.09 16:26:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2010.06.10 18:24:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\vlc
[2010.06.04 11:22:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VMLoad
[2009.02.26 17:03:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VoipCheapCom
[2008.12.10 16:02:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VoipRaider
[2010.05.25 16:58:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VoipStunt
< %APPDATA%\*.exe /s >
[2007.06.25 19:29:32 | 000,087,608 | ---- | M] () -- C:\Users\***\AppData\Roaming\inst.exe
[2010.03.22 15:53:24 | 000,029,984 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\47qonp7q.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
[2007.08.29 17:36:00 | 000,110,592 | ---- | M] () -- C:\Users\***\AppData\Roaming\NCH Software\Components\mp3el\mp3enc.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.19 16:24:33 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008.02.19 16:24:33 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.19 16:24:33 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.19 16:24:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
< MD5 for: SCECLI.DLL >
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
< MD5 for: USERINIT.EXE >
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WS2IFSL.SYS >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\System32\drivers\ws2ifsl.sys
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2006.11.02 11:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2007.07.22 19:27:08 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Users\***\Desktop\megamixvalle.mp3:TOC.WMV
@Alternate Data Stream - 164 bytes -> C:\Users\***\AppData\Local\Temp:{769C9123-FE05-97DA-812B-3247783B80AE}
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:89EAFAFC
< End of report >
--- --- ---
[/QUOTE]
Extras.Txt
OTL Logfile: Code:
OTL Extras logfile created on: 15.06.2010 15:37:25 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16643)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.022,00 Mb Total Physical Memory | 188,00 Mb Available Physical Memory | 18,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,04 Gb Total Space | 72,56 Gb Free Space | 51,45% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***-PC
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4039198485-1440016021-4218304769-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-4039198485-1440016021-4218304769-1008\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B54160-CCB1-422A-8A62-091C74A85A38}" = lport=445 | protocol=6 | dir=in | app=system |
"{02BF4CEA-A0E5-4C08-9D01-4262BEBE8FAD}" = lport=1863 | protocol=6 | dir=in | name=msnmsgr.exe |
"{04BE7D31-5472-457D-B755-ADE0699E8A6D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{06CF53C2-F9E5-419F-9E9A-7DE8569CED35}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{0B8F751A-39EB-45E3-BF9E-7E665FD0DC58}" = lport=162 | protocol=17 | dir=in | svc=snmptrap | app=c:\windows\system32\snmptrap.exe |
"{0E1F4168-E634-42EC-B673-E09DD2DF178F}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{10F85BE8-A188-4385-9301-FD7456B453E4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{115E3C66-6022-4649-BA78-18FDBBBAD714}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{124CF775-6C91-40DC-8F4A-E3986A4568E1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{16A8E2DD-F865-43E2-9C9D-526E5929CD6D}" = lport=445 | protocol=6 | dir=in | app=system |
"{2005CBF0-63BD-43A9-B41A-D77F019568A1}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{2199D2FF-10B6-4A9C-8C17-CEC720061733}" = lport=1701 | protocol=17 | dir=in | app=system |
"{228B3953-D668-4B59-9B7A-C999DE4065CA}" = lport=1723 | protocol=6 | dir=in | app=system |
"{25656E3A-8A5F-4C98-91BA-826B5B14164E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{274367C7-D699-4101-8635-0A45E7D7F8F4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2AA1E61F-BC28-4A2E-848B-1CCB27AC8DE1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2DC1CC43-CF34-46DF-AD29-E0D32F1A9AB7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{32F03895-D8FB-40DA-8BB3-4ABA9CD33031}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\services.exe |
"{33C8793E-B880-466E-BB0D-61DD640D9D66}" = rport=1701 | protocol=17 | dir=out | app=system |
"{34D3FBE0-4864-457D-A580-B0CC96697C83}" = lport=2869 | protocol=6 | dir=in | app=system |
"{38A7420F-FF18-4397-8C01-3B408108B46B}" = rport=139 | protocol=6 | dir=out | app=system |
"{3A0BA2D7-F6A4-4A3D-AFF7-E4E34C6FD1DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{4225EFBE-A60D-48C7-828C-FB90F7C3B5E5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{43FB33D7-D182-4001-B1CF-BA6264F227AA}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{44C8F913-F60B-4461-A8F7-D1F17818037E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4531652E-D5F4-4A24-9D90-7BAB3C46E270}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\netproj.exe |
"{4616E0FC-5C0D-42FE-8C63-5CF42A3A51E7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{47C42971-B170-460B-95D9-40C868EACA4E}" = lport=3390 | protocol=6 | dir=in | app=system |
"{4B22C493-95AF-43CE-A21D-1DCDE42C717A}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=c:\windows\system32\vds.exe |
"{4D9A6211-FFA4-445D-B330-54C0E4C31BFB}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe |
"{4F04BBF6-7205-45BA-B0C8-9379649E5619}" = rport=138 | protocol=17 | dir=out | app=system |
"{4FDE0165-2AF1-4497-AFD7-3899CA784366}" = lport=137 | protocol=17 | dir=in | app=system |
"{51B63F9D-1E92-45D3-9A85-992E7DC653C2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{5654B53C-D753-45CF-B20B-FC9E34A5AFC3}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{576D311B-0C99-429D-A0F2-878C2661B991}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{58F500FE-B964-4938-9067-D90787163D71}" = rport=5357 | protocol=6 | dir=out | app=system |
"{5A0521B4-4E25-40B6-8AA2-0E192457FB74}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{5CE66B3E-E9D5-4386-9174-5917BAB7956D}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\netproj.exe |
"{5F424F41-71EE-48BA-A028-D955EE1E57FA}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{61C208CF-3824-4CEC-BF44-621C048BD94A}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe |
"{64ABD11B-D585-495C-AD3C-C403A72A8711}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=c:\windows\system32\svchost.exe |
"{6852042F-37D6-4632-B5A2-8C40E9F6854C}" = lport=rpc | protocol=6 | dir=in | svc=tlntsvr | app=c:\windows\system32\tlntsvr.exe |
"{6942D2C7-67CC-46FA-A846-71CF21C07E32}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6C2243E7-4737-4959-84E3-0A2E7DF00109}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{6FBD756C-940F-4E96-AF05-430D64188915}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{75F86348-8628-4672-81F9-CBE73603FA81}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{777BC788-D2D2-4B16-93CD-4553A6472F7C}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
"{7A107DAE-F3A0-4190-92B4-572F8EF32103}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{7B5C8140-3F80-4971-A609-8B2896F9ABE2}" = rport=137 | protocol=17 | dir=out | app=system |
"{7BE6FE4F-6D86-40C4-9E24-6ABCB7AF5713}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7CB8F877-1DD7-4CE7-A573-ABB3592E9DF6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{81328B38-0D2E-4301-AF63-7DA4362D37D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{8481BCA2-3BE1-4A0D-A1FC-C0D6CE228D13}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{8536CF81-9B2A-4AAC-BFD2-A748B02330CF}" = lport=5357 | protocol=6 | dir=in | app=system |
"{89A7CDA8-2C39-48AC-AF85-8F58984A1CC1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8ADF4FB0-B43F-44FE-9F18-CA1C03ADBCA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{94A9637B-D189-4FA5-8189-0CBC49A0A185}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{96DC528F-8625-4E3E-BD28-A26FA2D74603}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{980DCB40-A1E0-4019-AECD-005AD8A01C12}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{9840A51A-4D21-4F3A-9E9B-401664F163BF}" = rport=445 | protocol=6 | dir=out | app=system |
"{9883A498-F453-456D-8EC6-9A8B88E9829C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{992D6A18-8678-42AB-9B0B-7213FBBFF1AD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9DFB35F4-537C-4902-BB43-5FBD8202CDF6}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=c:\windows\system32\svchost.exe |
"{9F0E87B3-0144-4DAB-9604-16E7C9ED348B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9F93E17F-5570-4C3C-86BA-A3D24A77D61A}" = rport=10244 | protocol=6 | dir=out | app=system |
"{A0CA2413-4BC8-4E6D-A73E-1E9FE37870AF}" = lport=445 | protocol=6 | dir=in | app=system |
"{A14B048B-6588-4649-B7D5-FD7EC188EE79}" = lport=5358 | protocol=6 | dir=in | app=system |
"{A18E08BA-BC71-45CA-8A57-651FD1E8C0C5}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{A22B63DC-32B9-4D15-B3DA-E9999F385C80}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A6B1FE0E-FE3D-4B68-9DF9-DAEFB1B9FD77}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A8388325-DD1B-41BF-8683-15E80368F2EC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{AB16E3F5-26D8-41B9-9500-87095F6ABD0D}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{ACCB9A96-3D12-4EF9-8AB5-DBDDEBDD78D5}" = lport=445 | protocol=6 | dir=in | app=system |
"{AEDA879E-45ED-43A1-AC3E-33B51E2DBDC8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B0A8689D-052C-40AD-BF3C-2FC474691336}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{B4879FEA-AF0E-430D-9B8E-7326FE330744}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{B606A142-D776-4DA3-9648-D536C27EA778}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BB9F3E55-F6E4-4B4C-81DB-2C4F114BA209}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{C4DEBC75-1F45-490A-9257-0B9A896BA457}" = lport=139 | protocol=6 | dir=in | app=system |
"{C979F29A-D3AA-4F41-B490-15D3EF7EAE9E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{CB4CA935-8570-4480-99C4-879BAF38534F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{CBED4F11-F502-497E-AB5B-0A3502A8EFC3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{CF80EC8F-0D93-497A-A73E-70E2C74D06C8}" = lport=80 | protocol=6 | dir=in | app=system |
"{D44C8394-B2B8-418F-91CD-58BA936BD5CE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D4D22349-66ED-4662-9D66-54E84CFE4C6D}" = lport=138 | protocol=17 | dir=in | app=system |
"{D5AE991D-3935-4DCD-946B-4F868B159B7A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{D95C38C1-5505-4E40-A211-77E85084E93E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DE2899C0-13DC-427E-B125-D48583B6C3D4}" = lport=10244 | protocol=6 | dir=in | app=system |
"{E1A8F5A9-FA5B-4128-9909-E788066DF5B0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E59696B1-81A0-4FB7-AE35-96CFEA56D4F6}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{EA8E1543-B467-4EC7-9C66-950AAE52870F}" = rport=1723 | protocol=6 | dir=out | app=system |
"{EBF19BF2-A0AD-4203-8285-625DA60ABE7A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{F0F440DB-B3EC-4B90-B8FB-ACB32C1558F5}" = lport=445 | protocol=6 | dir=in | app=system |
"{F7EF2692-0CE6-4AC6-9972-3B29F60B464B}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\vdsldr.exe |
"{F998C04B-6CD4-4986-A308-638D763BB9D1}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{FBA928DC-BB44-41B3-92D4-E979FE588902}" = rport=5358 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FA08D6-7C84-4020-BC51-EB0F52CB491F}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{01E594B7-32D3-4F92-853F-D833D101C9FE}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{05CEC469-5B81-4951-B7C5-833D87BFE76A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0BA654DB-892C-4D6B-9981-DC41E49728DB}" = protocol=6 | dir=out | app=system |
"{0BDAFD98-B7D0-43BB-8B0F-6A7BFD9461D8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{11679F10-B001-4E5E-95E5-F3C61878486A}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{13CCFF6E-311D-4F8B-B1EE-7BA18832ED77}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{1599CFB3-2479-4A80-8003-306FFAC4768B}" = protocol=6 | dir=in | app=c:\users\***. ***-pc\downloads\cgwebinstall\cgwebinstall.exe |
"{166680C7-8035-4BD6-AE95-47DCC0B83FA3}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{1840E67B-0330-4BF6-9728-09E93E65E561}" = protocol=6 | dir=in | app=c:\program files\bearshare\bearshare.exe |
"{191419B9-2325-4B90-9EE0-E29736A03981}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{1F2236EB-7A37-42CF-8D25-A01F92064035}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{2085DAB2-AC29-4683-AD74-6909BF0584F1}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{21AE99C7-67A5-4E01-852E-C85ECFFBDA5A}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{22F440B9-6E13-4FBA-A425-68C829722D09}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{25665CCD-E5F5-4FFA-8504-0D21D3835F76}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{34440029-7F81-473C-99C9-B030FFEA6AB3}" = protocol=6 | dir=out | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{38B5E073-BD0A-4AD9-8DEC-7F97F4C45BBC}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{3C43EC66-FE0D-49D4-8651-2EB035842F6A}" = protocol=6 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3C5BD5DF-3462-42FF-A024-4A6A0E76E8AD}" = protocol=17 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3F2A6FF2-72B6-4EA5-9FD2-2BF08DB77DD4}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{49BA82A7-D382-46C0-9272-0E1A37DF8DDA}" = protocol=17 | dir=in | app=c:\users\***. ***-pc\downloads\cgwebinstall\cgwebinstall.exe |
"{4B1B57DC-960C-4007-9E1C-F48B33614180}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{52216BA6-16FD-4BE2-868E-B38926B0843A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{540A1882-EFBF-495A-A7B7-B99A72BDCBD3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{540B3A4D-B177-4473-9950-F4F904ECDFCA}" = protocol=6 | dir=in | app=c:\program files\ftp-uploader\ftpuploader.exe |
"{559E4F39-15B3-4C0A-B882-0674F5DA5AC3}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{56E7D705-1C80-490D-BE74-86F660589243}" = protocol=6 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |
"{5CD2277B-5A1D-4CDD-9E21-469DE5AD11EC}" = protocol=6 | dir=in | app=c:\windows\temp\~os2b8b.tmp\ossproxy.exe |
"{5EC471AE-16DA-4958-833F-7278FE623CCF}" = protocol=6 | dir=in | app=c:\windows\system32\plasrv.exe |
"{61CA0725-1CA2-4ECD-BA71-21B919B0CC0E}" = protocol=17 | dir=in | app=c:\program files\bearshare\bearshare.exe |
"{62FCA03C-6566-42AC-A7E7-727A10A0959C}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{6700E9BE-18B1-4F1B-952A-D7711DE8D9A1}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{67ABED83-6BAF-4A1C-8327-78198089C531}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{67FF39C8-73B0-446B-BDE6-F6FC1D786EB6}" = protocol=17 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |
"{698B7F9C-CA7F-4A86-87B0-94E688C8C32D}" = protocol=17 | dir=in | app=c:\program files\ftp-uploader\ftpuploader.exe |
"{6BC8901C-ED7D-4FFE-87F0-E41738B61501}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{75D32B99-127E-4C14-B3C4-0C88BE6FAD91}" = protocol=6 | dir=in | app=c:\program files\voipwise.com\voipwise\voipwise.exe |
"{76F27A11-F372-425F-A2D6-702AA6975E35}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{76FE210B-C816-43CF-A786-D1303B2526DB}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{7BB5C2D5-F28D-4B66-9E18-A4924DB98702}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{7C600104-3B67-406E-BFDA-923FF61760AF}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{83C9ABCD-520B-4678-8EB2-647B35A5E333}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{890AE091-0F02-4965-9F08-5CB85C3D3C71}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{945BED41-3B80-4397-AD69-F83089C1FC30}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{96947DD2-3654-4D49-BAFF-AD8A0A399137}" = protocol=6 | dir=out | app=c:\windows\system32\netproj.exe |
"{96950783-8703-4515-99D9-23E021624845}" = protocol=17 | dir=in | app=c:\program files\voipcheapcom\voipcheapcom.exe |
"{9B709719-EFB9-440C-8E9F-70B410447C47}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{9D76608B-A45D-4C94-8628-31072B759C07}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{A349507C-1AAF-4E0B-8607-BCF0EA3BBF18}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{A364052D-39DB-4B3F-AB74-A7E1CE01CB5A}" = protocol=6 | dir=in | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{A39600D5-36F6-4028-87C1-568ADB3D63EB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A6D49542-1D9A-4585-A472-E6DC7ABAE59E}" = protocol=6 | dir=out | app=system |
"{A8B8EFF1-0508-4DE4-A663-C0C906528422}" = protocol=17 | dir=in | app=c:\program files\voipwise.com\voipwise\voipwise.exe |
"{AA2B9C83-A10B-4D58-807B-42F6BE5CE3C1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AB2E8722-A46D-4E3D-926B-74A9351EBB59}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{ABAB253B-6EBA-4F4C-A82D-AFAF9657958E}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{AEF256BB-E465-48EE-9D04-0BCE6036D802}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{B03838E6-972E-4CAD-BC1C-010B5D93E999}" = protocol=17 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"{B03D2CCA-CB83-4594-924C-D71632A85C22}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B4B33860-D68A-4291-A747-9EC1FF718BAD}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{B5C1CCF3-BC81-410A-8AFA-CE071A5F00B1}" = protocol=6 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"{B775CAC2-845C-43BE-A52C-63556665BD53}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{BC7E24B3-3E0F-4B49-AB96-E7B5ABC711AC}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{BDF659F3-7726-4AF7-B7F8-F8FAFEF3D5A2}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{C1A04C8C-38CA-4FC6-A2D3-12BA5465ED4F}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{C96E8C03-6BDF-4E36-9BF3-40879575BDB2}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{CF27A1DF-B877-4715-A725-AEC11A272752}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D07D6924-F957-4719-B406-B540B3F54210}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{E054D7E5-C100-4DC8-B7EB-9F0D6385F7EE}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{E2820949-0DC6-4124-B81F-560206D90408}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{E7D47442-F953-441F-9859-D94DE907104A}" = protocol=6 | dir=in | app=c:\program files\voipcheapcom\voipcheapcom.exe |
"{EC4E2C48-C272-43A9-8E6F-FC785BA8E3D4}" = protocol=6 | dir=in | app=c:\windows\system32\netproj.exe |
"{F086983D-5EB7-46D6-A78D-E36EFA7DF4B0}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{F38F9E2E-4724-477C-AAA6-791C2486E270}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{F3A8334B-E5BB-4FD5-AA15-7426553305DB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{F9F09EFD-A20E-4C8A-9510-6245F4ED2DE0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FB2A1BFD-915E-4427-85C8-18041C40006D}" = protocol=6 | dir=in | app=c:\windows\system32\wbem\unsecapp.exe |
"TCP Query User{202B0546-5AF0-455D-89E6-A091BA611509}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{4AB448E6-F92A-42D6-A7B5-FD81E46A8A28}C:\program files\java\jre6\launch4j-tmp\vmload.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\vmload.exe |
"TCP Query User{578F90A7-91A4-43BF-B85B-A1EDCC12CECB}C:\users\***\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{618D18A3-543E-4FF3-B2CE-9F01D94A0067}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{83471A51-B3DC-4B6A-A663-E1DAFEE8882D}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{83BC334E-B599-4272-9304-98A0C29532A6}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{867F9580-F0A7-482B-96E2-9BFC1FBA4618}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{A6543B24-FAB9-4626-AA91-693B3A80052D}C:\program files\free music zilla\fmzilla.exe" = protocol=6 | dir=in | app=c:\program files\free music zilla\fmzilla.exe |
"TCP Query User{E6DB9214-F5CF-431C-99DE-0BC9410876FC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{04BFB63E-364B-43FB-8C12-3F12717DF070}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{1BB77A13-AFFB-4822-A21D-4D4B98C75EFE}C:\users\***\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{1E436801-1118-4EA9-B0E3-0DB994EC08A8}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{5635B7E8-15FA-4966-A382-AD17F8A05FB7}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{59653057-E0B1-4620-A32B-65AA2CBC7E5E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{692A0B82-565D-4F79-BA30-03E9EA9D4B5B}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{71D1B118-9BF2-41BE-B350-0BFAD13BFFA0}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{7485E5AC-244B-484C-8C15-1AC7B449BD8B}C:\program files\java\jre6\launch4j-tmp\vmload.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\vmload.exe |
"UDP Query User{AFDBBEE0-A55F-4FE0-A02D-69CC22C315BE}C:\program files\free music zilla\fmzilla.exe" = protocol=17 | dir=in | app=c:\program files\free music zilla\fmzilla.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{73C0DA51-DB32-4F66-970B-7298F3CAF37F}" = Nokia Software Updater
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}" = Hercules Webcam
"{A2A2CA33-9E57-4949-9C23-C09AE032CBD2}" = Speedport W 100 Stick
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.5 - Deutsch
"{AC76BA86-7AD7-1031-7B44-A81300000003}_814" = KB408682
"{B5F8FCE2-1677-4370-A857-4976E5A95209}" = Topaz Vivacity
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Creator 9 LE
"{BA836290-80B7-4990-80D1-9BB0C10C9094}" = Symantec Real Time Storage Protection Component
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan
"{D208F4A7-6B73-4C2A-8B1E-8756FCBA831E}" = Hercules WebCam Station
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{DA18FD01-4830-45D6-8408-8F20A9D89D95}" = PC Connectivity Solution
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AOL Deinstallation" = AOL Deinstallation
"Ask & Record Toolbar4.01" = Ask & Record Toolbar 4.01
"Audio DVD Creator_is1" = Audio DVD Creator 1.9.1.0
"AUDIO_REALTEK" = Realtek HD Audio V6.0.1.5322
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"CREATOR9" = Creator 9
"FileZilla Client" = FileZilla Client 3.0.11
"HijackThis" = HijackThis 2.0.2
"HLOP_is1" = discoDSP HighLife R3
"Infocentre" = Infocentre Rev. 2.0
"InstallShield_{A2A2CA33-9E57-4949-9C23-C09AE032CBD2}" = Speedport W 100 Stick
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"mIRC" = mIRC
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mp3tag" = Mp3tag v2.41
"Native Instruments FM8" = Native Instruments FM8
"NIS2007_DE" = NIS2007
"NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan (Symantec Corporation)
"NVIDIA Drivers" = NVIDIA Drivers
"SETUPMYPC_DE" = SetUp My PC
"SKYPE" = Skype 2.5.2.151
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.08
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"Universal Extractor_is1" = Universal Extractor 1.6
"Updator" = Packard Bell Updator
"VIDEO_NVIDIA" = Video NVIDIA v97.19
"VLC media player" = VLC media player 1.0.5
"VN_VUIns_Rhine_VIA" = VIA Rhine Family Fast Ethernet Adapter
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"YInstHelper" = Yahoo! Install Manager
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4039198485-1440016021-4218304769-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 14.06.2010 08:29:41 | Computer Name = ***-PC | Source = WinDefendRtp | ID = 3003
Description = Vom %%827-Echtzeitschutz-Prüfpunkt wurde ein Fehler festgestellt.
Er konnte daraufhin nicht gestartet werden. Benutzer: ***-PC\*** Prüfpunkt-ID:
57 Fehlercode: 0x80070005 Fehlerbeschreibung: Zugriff verweigert
Error - 14.06.2010 12:14:03 | Computer Name = ***-PC | Source = Google Update | ID = 20
Description =
Error - 14.06.2010 12:14:09 | Computer Name = ***-PC | Source = WinDefendRtp | ID = 3003
Description = Vom %%827-Echtzeitschutz-Prüfpunkt wurde ein Fehler festgestellt.
Er konnte daraufhin nicht gestartet werden. Benutzer: ***-PC\*** Prüfpunkt-ID:
57 Fehlercode: 0x80070005 Fehlerbeschreibung: Zugriff verweigert
Error - 14.06.2010 13:51:11 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung msnmsgr.exe, Version 14.0.8089.726, Zeitstempel
0x4a6ce533, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x00000000, Prozess-ID 0x1610, Anwendungsstartzeit
01cb0be4ba9514b8.
Error - 14.06.2010 15:28:15 | Computer Name = ***-PC | Source = WinDefendRtp | ID = 3003
Description = Vom %%827-Echtzeitschutz-Prüfpunkt wurde ein Fehler festgestellt.
Er konnte daraufhin nicht gestartet werden. Benutzer: ***-PC\*** Prüfpunkt-ID:
57 Fehlercode: 0x80070005 Fehlerbeschreibung: Zugriff verweigert
Error - 15.06.2010 06:41:50 | Computer Name = ***-PC | Source = WinDefendRtp | ID = 3003
Description = Vom %%827-Echtzeitschutz-Prüfpunkt wurde ein Fehler festgestellt.
Er konnte daraufhin nicht gestartet werden. Benutzer: ***-PC\*** Prüfpunkt-ID:
57 Fehlercode: 0x80070005 Fehlerbeschreibung: Zugriff verweigert
Error - 15.06.2010 08:34:26 | Computer Name = ***-PC | Source = Google Update | ID = 20
Description =
Error - 15.06.2010 08:34:38 | Computer Name = ***-PC | Source = WinDefendRtp | ID = 3003
Description = Vom %%827-Echtzeitschutz-Prüfpunkt wurde ein Fehler festgestellt.
Er konnte daraufhin nicht gestartet werden. Benutzer: ***-PC\*** Prüfpunkt-ID:
57 Fehlercode: 0x80070005 Fehlerbeschreibung: Zugriff verweigert
Error - 15.06.2010 08:44:18 | Computer Name = ***-PC | Source = Google Update | ID = 20
Description =
Error - 15.06.2010 09:05:19 | Computer Name = ***-PC | Source = WinDefendRtp | ID = 3003
Description = Vom %%827-Echtzeitschutz-Prüfpunkt wurde ein Fehler festgestellt.
Er konnte daraufhin nicht gestartet werden. Benutzer: ***-PC\*** Prüfpunkt-ID:
57 Fehlercode: 0x80070005 Fehlerbeschreibung: Zugriff verweigert
[ System Events ]
Error - 15.06.2010 08:32:43 | Computer Name = ***-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 15.06.2010 08:32:43 | Computer Name = ***-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 15.06.2010 08:32:43 | Computer Name = ***-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 15.06.2010 08:32:43 | Computer Name = ***-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 15.06.2010 08:32:43 | Computer Name = ***-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 15.06.2010 08:32:43 | Computer Name = ***-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 15.06.2010 08:32:49 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 15.06.2010 08:32:49 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 15.06.2010 08:32:49 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 15.06.2010 08:54:25 | Computer Name = ***-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease ***.***.*.*** für die Netzwerkkarte mit der Netzwerkadresse
0003C9EAAC90 wurde durch den DHCP-Server ***.***.*.* abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
< End of report >
--- --- --- |
