Mr.Icetea | 10.08.2010 15:16 | und hier der otl-scan. Sieht es dolle schlimm aus?
otl.txt:
OTL Logfile: Code:
OTL logfile created on: 10.08.2010 16:06:03 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\amueller\Desktop
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 76,69 Gb Total Space | 17,90 Gb Free Space | 23,34% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 28,12 Gb Total Space | 6,38 Gb Free Space | 22,69% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 916,90 Gb Total Space | 838,92 Gb Free Space | 91,50% Space Free | Partition Type: NTFS
Computer Name: AMUELLER-PC
Current User Name: amueller
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\amueller\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\amueller\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Lion\Lion.exe ()
PRC - C:\Programme\Lion\browser.exe ()
PRC - C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Windows\System32\bmwebcfg.exe (Bytemobile, Inc.)
PRC - C:\Programme\Zeon\DocuCom\PDF Gold 8\bin\PDFPlus.exe (Zeon Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Capture-A-ScreenShot\Capture-A-ScreenShot.exe ()
PRC - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\OFFICE11\OUTLOOK.EXE (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\amueller\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Zeon\DocuCom\PDF Gold 8\bin\IEHelp.dll ()
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (WinHttpAutoProxySvc) -- File not found
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirFirewallService) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TeamViewer4) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SQLEXPRESS) SQL Server-Agent (SQLEXPRESS) -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
SRV - (MSSQLServerADHelper100) -- C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (bmwebcfg) -- C:\Windows\System32\bmwebcfg.exe (Bytemobile, Inc.)
========== Driver Services (SafeList) ==========
DRV - (PalmUSBD) -- C:\Windows\System32\drivers\PalmUSBD.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\amueller\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avfwot) -- C:\Windows\System32\drivers\avfwot.sys (Avira GmbH)
DRV - (avfwim) -- C:\Windows\System32\drivers\avfwim.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (RsFx0102) -- C:\Windows\System32\drivers\RsFx0102.sys (Microsoft Corporation)
DRV - (teamviewervpn) -- C:\Windows\System32\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (NWUSBPort) -- C:\Windows\System32\drivers\nwusbser.sys (Novatel Wireless Inc.)
DRV - (NWUSBModem) -- C:\Windows\System32\drivers\nwusbmdm.sys (Novatel Wireless Inc.)
DRV - (tcpipBM) -- C:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (PRISM_ICB) -- C:\Windows\System32\drivers\WG511ICB.sys (Conexant Systems, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.06.29 11:50:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.06.29 11:50:57 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKCU..\Run: [Lion] C:\Program Files\Lion\Lion.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: registration.sonystyle-europe.com ([]* in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.255.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O24 - Desktop WallPaper: C:\Users\amueller\Pictures\explodingdog\capture1.jpg
O24 - Desktop BackupWallPaper: C:\Users\amueller\Pictures\explodingdog\capture1.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{75e108fe-7f7b-11de-9463-00a0d16e5feb}\Shell - "" = AutoRun
O33 - MountPoints2\{75e108fe-7f7b-11de-9463-00a0d16e5feb}\Shell\AutoRun\command - "" = D:\starter.exe -- File not found
O33 - MountPoints2\{f07231c8-7115-11de-8cf5-00a0d16e5feb}\Shell - "" = AutoRun
O33 - MountPoints2\{f07231c8-7115-11de-8cf5-00a0d16e5feb}\Shell\AutoRun\command - "" = D:\starter.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.08.10 16:05:03 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\amueller\Desktop\OTL.exe
[2010.08.10 13:41:23 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\amueller\Desktop\mbam-setup (1).exe
[2010.08.09 19:11:50 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\amueller\Desktop\HiJackThis.exe
[2010.08.04 10:28:00 | 000,069,632 | ---- | C] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe
[2010.07.21 20:57:28 | 000,000,000 | ---D | C] -- C:\Users\amueller\AppData\Roaming\17DAFEA4C85B8AAF94F4E89598256240
[2010.07.20 18:04:52 | 000,000,000 | ---D | C] -- C:\Users\amueller\Desktop\ERGO Direkt Versicherungen – neues Affiliateprogramm » » 100partnerprogramme.de Merchantblog_files
[2010.07.18 18:28:18 | 000,000,000 | ---D | C] -- C:\Users\amueller\AppData\Roaming\DivX
[2010.07.18 18:27:25 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine
[2010.07.18 18:26:13 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DivX Shared
[2010.07.18 18:24:19 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.07.18 18:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.07.14 12:32:31 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[4 C:\Users\amueller\Desktop\*.tmp files -> C:\Users\amueller\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.08.10 16:09:12 | 002,097,152 | -HS- | M] () -- C:\Users\amueller\NTUSER.DAT
[2010.08.10 16:08:57 | 000,008,844 | ---- | M] () -- C:\Users\amueller\Desktop\capture1.jpg
[2010.08.10 16:05:03 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\amueller\Desktop\OTL.exe
[2010.08.10 16:00:01 | 000,001,130 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1455154888-4151250377-1015525046-1000UA.job
[2010.08.10 15:18:17 | 000,004,320 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.10 15:18:17 | 000,004,320 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.10 13:42:16 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.10 13:41:30 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\amueller\Desktop\mbam-setup (1).exe
[2010.08.10 11:26:15 | 000,174,592 | ---- | M] () -- C:\Users\amueller\Desktop\Stundenabrechnung 2010 Andreas Müller.xls
[2010.08.10 11:18:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.10 09:34:25 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.08.10 09:34:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.10 09:33:51 | 2137,055,232 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.10 04:18:11 | 003,228,524 | -H-- | M] () -- C:\Users\amueller\AppData\Local\IconCache.db
[2010.08.09 21:28:30 | 001,653,604 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.09 21:28:30 | 000,710,156 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.09 21:28:30 | 000,678,358 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.09 21:28:30 | 000,142,126 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.09 21:28:30 | 000,129,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.09 19:11:53 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\amueller\Desktop\HiJackThis.exe
[2010.08.05 20:44:40 | 000,000,600 | ---- | M] () -- C:\Users\amueller\winscp.RND
[2010.08.04 17:00:01 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1455154888-4151250377-1015525046-1000Core.job
[2010.08.04 10:31:35 | 000,032,594 | ---- | M] () -- C:\Windows\scunin.dat
[2010.08.04 10:31:32 | 000,069,632 | ---- | M] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe
[2010.08.04 10:31:32 | 000,000,967 | ---- | M] () -- C:\Windows\ScUnin.pif
[2010.08.03 16:03:40 | 175,393,555 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.07.30 16:26:48 | 000,053,248 | ---- | M] () -- C:\Users\amueller\Desktop\DM_Stellenprofile__Website_Management_FK246.PPT
[2010.07.30 15:42:37 | 000,190,976 | ---- | M] () -- C:\Users\amueller\Desktop\Absagen ohne Eintrag 29.07.xls
[2010.07.21 17:23:36 | 000,173,568 | ---- | M] () -- C:\Users\amueller\Desktop\Stundenabrechnung 2010 Andreas Müller pausenkorrektur.xls
[2010.07.20 18:04:52 | 000,140,376 | ---- | M] () -- C:\Users\amueller\Desktop\ERGO Direkt Versicherungen – neues Affiliateprogramm » » 100partnerprogramme.de Merchantblog.htm
[2010.07.20 18:00:59 | 005,092,235 | ---- | M] () -- C:\Users\amueller\Desktop\explido_PMAXX_Banken_Versicherungen_Ausgabe2.pdf
[2010.07.13 14:25:29 | 000,015,872 | ---- | M] () -- C:\Users\amueller\Desktop\Microsoft Excel-Arbeitsblatt (neu).xls
[4 C:\Users\amueller\Desktop\*.tmp files -> C:\Users\amueller\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.08.10 16:08:57 | 000,008,844 | ---- | C] () -- C:\Users\amueller\Desktop\capture1.jpg
[2010.08.10 13:42:16 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.04 10:28:03 | 000,032,594 | ---- | C] () -- C:\Windows\scunin.dat
[2010.08.04 10:28:00 | 000,000,967 | ---- | C] () -- C:\Windows\ScUnin.pif
[2010.07.30 16:26:46 | 000,053,248 | ---- | C] () -- C:\Users\amueller\Desktop\DM_Stellenprofile__Website_Management_FK246.PPT
[2010.07.30 15:42:37 | 000,190,976 | ---- | C] () -- C:\Users\amueller\Desktop\Absagen ohne Eintrag 29.07.xls
[2010.07.21 17:21:35 | 000,173,568 | ---- | C] () -- C:\Users\amueller\Desktop\Stundenabrechnung 2010 Andreas Müller pausenkorrektur.xls
[2010.07.20 18:04:46 | 000,140,376 | ---- | C] () -- C:\Users\amueller\Desktop\ERGO Direkt Versicherungen – neues Affiliateprogramm » » 100partnerprogramme.de Merchantblog.htm
[2010.07.20 18:00:51 | 005,092,235 | ---- | C] () -- C:\Users\amueller\Desktop\explido_PMAXX_Banken_Versicherungen_Ausgabe2.pdf
[2009.06.26 18:57:50 | 000,000,069 | ---- | C] () -- C:\Windows\wininit.ini
[2008.09.21 15:14:55 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.10.01 19:16:00 | 000,013,312 | ---- | C] () -- C:\Windows\System32\CallSimReader.dll
[2007.10.01 19:15:54 | 000,061,440 | ---- | C] () -- C:\Windows\System32\SimReader.dll
[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.01.30 10:00:00 | 000,106,496 | ---- | C] () -- C:\Windows\System32\VSHP1020.DLL
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
< End of report > --- --- ---
extras.txt:
OTL Logfile: Code:
OTL Extras logfile created on: 10.08.2010 16:06:03 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\amueller\Desktop
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 76,69 Gb Total Space | 17,90 Gb Free Space | 23,34% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 28,12 Gb Total Space | 6,38 Gb Free Space | 22,69% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 916,90 Gb Total Space | 838,92 Gb Free Space | 91,50% Space Free | Partition Type: NTFS
Computer Name: AMUELLER-PC
Current User Name: amueller
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.reg [@ = regfile] -- regedit.exe "%1"
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4011D9C3-FB77-4344-8ED1-9D5C3B4F2B8F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{58232324-89E0-470E-B1B8-6AC541B87813}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5CD812EA-7048-4136-9BFE-F1B26DEA8A0D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A0D2AE9C-12F0-43A0-9509-B75896AA5EBF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1D0CA49-9E80-4CAB-8B86-C149CEC5AFBB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C8E68DE1-6192-406A-BA85-001B225E52ED}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E9AD8642-1549-466B-90C7-F7B443442466}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E9FC29A8-7ADB-4CA9-A90F-F5AB526097F1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FEB2FDD6-FD8E-432A-8983-BE0FD0E17CEB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{047637A3-9162-497C-AD00-4E192C9D3734}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0479463D-C244-47AE-BD67-4DE724BBEB69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{10CD8611-1E01-4B4A-A933-7BEAD558031D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{11B3C88F-D02F-490F-8EC8-F1482135E408}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{12AEC3BD-E4E3-48A8-A04D-EE1D99C3495D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{19C8835D-CB0A-4709-AABD-473DA0F19520}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1EF094AC-BD72-40B2-BDDE-3B80285E6E20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2354DC83-0062-4370-B727-B910734B10E4}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{2BFACA29-0CA1-4DB8-AEB7-C4CCB496444D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D8AA26F-F7DF-410A-BE14-4C96B856E13A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{335B5509-534C-440F-8B17-B23CA8062CE0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{39A42045-4CB3-4173-8054-83FCEA5E8DFE}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{45D69144-037B-4E9E-82BD-54BA68A4DF5A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4918FBD1-3334-42F8-925C-0BE96147E84D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{4C65E4B6-EC95-48AB-8768-D4AC9EA7947E}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{5582A334-C17E-42F8-AD0A-E9A73D8BBB1A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{5BE446DA-FDDF-43A0-9A6F-862607ECBFA4}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5E892050-2C0F-4AF7-9B66-23D7F7349708}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CF61321-1A92-4FE9-9850-6E7DD01D1E76}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6F723B26-96C0-46CE-84D7-DD794660BB46}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{717C19FC-2CB9-4248-9B6F-B32CBB623D91}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7200FA7D-ACBE-4E80-A80D-30DE52ADAD02}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7593B02B-478E-4537-8E05-A8504520E521}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{773DCAD2-85EC-4117-B3B6-15BF31BC5FF3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7C236159-C9D6-4EE7-911C-67280F8FC721}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{836ABB73-1C0F-4507-8799-ED1C4AC42C22}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8CEF7521-D7BB-495B-9819-697C5B8D9C65}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{975AD229-9909-4C15-9E73-6268171A9408}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9A7C2A46-F1D9-4F99-ACBE-D48F2352D85F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ACA9584B-E198-4C5D-9A39-6A889B057512}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B34238AF-11E1-4F2B-A494-E4162ABB0E9E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C169534D-6B18-417D-B3E0-BC0863453E04}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD44938D-32F4-4D8C-BF23-679071E32154}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CF0F936C-2DB6-4540-857C-867C095C627F}" = protocol=6 | dir=out | app=system |
"{D488D1EB-82AE-4A2C-A6CF-CCCA8DEDDFAE}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{D5F05382-46AC-43AC-9426-8BDD0921C509}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1C0E994-D2E0-4B96-ADBD-6011E0554CDE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E431A75F-2980-41C3-AF0C-15710FBA3FF0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E737330D-4E3D-4130-B361-A9347DFFDC4F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ECE87647-B533-4AA2-803C-B7AB982D94C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF666898-1A89-4EF1-B6CE-17B8D71B9776}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{02A2E34E-AC53-457F-AB1C-E41D03603A86}C:\program files\sony handheld\hotsync.exe" = protocol=6 | dir=in | app=c:\program files\sony handheld\hotsync.exe |
"TCP Query User{1928E562-71BD-412E-ACA9-B5B587964629}C:\users\amueller\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\amueller\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{51B2747D-3997-45EE-9E9F-E8CC1230B995}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{535A83F2-A4A0-47DC-9F1D-242A55097DCD}C:\program files\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"TCP Query User{6C71C942-1173-405A-81CC-C174340FE2DA}C:\program files\sony handheld\hotsync.exe" = protocol=6 | dir=in | app=c:\program files\sony handheld\hotsync.exe |
"TCP Query User{78E8F488-D141-4089-AEB3-8D299B8F10C5}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{8AF365B5-3822-4A18-B5EB-89088D4722AC}C:\users\amueller\temp\teamviewer\version4\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\amueller\temp\teamviewer\version4\teamviewer.exe |
"TCP Query User{ADF1D2BD-773B-4179-B697-4D9D6580CC26}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{3270D369-1A37-4A2D-90C3-5109E807A691}C:\users\amueller\temp\teamviewer\version4\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\amueller\temp\teamviewer\version4\teamviewer.exe |
"UDP Query User{4F71EB62-D630-4C92-BDEB-594136BBAC5A}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{4FE7CDBF-3B48-4B17-B6E5-8631464AED36}C:\users\amueller\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\amueller\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{564FE6D9-1525-4726-9912-E0F0706A3381}C:\program files\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"UDP Query User{6B35C44C-9F7C-4CBB-B707-C9AEB2E3CA78}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{A53F5798-57DA-4697-8A55-8C92CE459851}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{B8523725-E0B3-49D6-B571-44D03994BC42}C:\program files\sony handheld\hotsync.exe" = protocol=17 | dir=in | app=c:\program files\sony handheld\hotsync.exe |
"UDP Query User{CFDA3250-E20B-43DC-8FD8-2F28D17CC435}C:\program files\sony handheld\hotsync.exe" = protocol=17 | dir=in | app=c:\program files\sony handheld\hotsync.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D993950-3A5C-434E-82F8-72E7ADFC3182}" = Shutdown-Manager
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD}" = Opera 10.53
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.5
"{1ECCE5C7-7C28-4384-8711-90228FCFDFA8}" = Vodafone Mobile Connect
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{2A329709-A0F3-11D0-9501-444553540000}_is1" = PocketMirror (Standard Trial Edition) 4.3.0
"{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90510407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{91CA0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0CCCBC7-8B52-439F-89D8-91535859C9BB}" = DocuCom PDF Gold 8.1
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D5A7D7AB-3093-3619-9261-74DB250ECF7B}" = Microsoft Visual C++ 2008 Express Edition with SP1 - DEU
"{E89D78B8-28F7-412F-8B26-C684739CBBDC}" = Palm Desktop
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Professional
"Capture-A-ScreenShot_is1" = Capture-A-ScreenShot
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Setup.divx.com" = DivX-Setup
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Foxit Reader" = Foxit Reader
"HijackThis" = HijackThis 2.0.2
"LastFM_is1" = Last.fm 1.5.4.24567
"Lion_is1" = Lion 3.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MDI2PDF (Microsoft Office Document Image) Converter_is1" = MDI2PDF 2.5
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2008 Express Edition with SP1 - DEU" = Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"Starcraft" = Starcraft
"TeamViewer 4" = TeamViewer 4
"TeamViewer 5" = TeamViewer 5
"VLC media player" = VLC media player 0.9.8a
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 3.8 beta
"XnView_is1" = XnView 1.96
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10.08.2010 03:54:16 | Computer Name = amueller-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 10.08.2010 03:54:16 | Computer Name = amueller-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2948
Error - 10.08.2010 03:54:16 | Computer Name = amueller-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2948
Error - 10.08.2010 03:54:17 | Computer Name = amueller-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 10.08.2010 03:54:17 | Computer Name = amueller-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4040
Error - 10.08.2010 03:54:17 | Computer Name = amueller-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4040
Error - 10.08.2010 03:54:18 | Computer Name = amueller-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 10.08.2010 03:54:18 | Computer Name = amueller-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5210
Error - 10.08.2010 03:54:18 | Computer Name = amueller-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5210
Error - 10.08.2010 05:18:26 | Computer Name = amueller-PC | Source = Avira AntiVir | ID = 4129
Description = Das Update von AMUELLER-PC (127.0.0.1) ist fehlgeschlagen. Während
des Herunterladens ist ein Fehler aufgetreten . Es wurden keine neuen Dateien geladen.
[ System Events ]
Error - 07.08.2010 20:16:53 | Computer Name = amueller-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00A0D16E582A zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 08.08.2010 11:44:27 | Computer Name = amueller-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00FFCF541374 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 09.08.2010 07:20:40 | Computer Name = amueller-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.102 für die Netzwerkkarte mit der Netzwerkadresse
0019D28B409D wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 09.08.2010 07:24:42 | Computer Name = amueller-PC | Source = BROWSER | ID = 8032
Description =
Error - 09.08.2010 15:22:05 | Computer Name = amueller-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.255.33 für die Netzwerkkarte mit der Netzwerkadresse
0019D28B409D wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 09.08.2010 15:22:59 | Computer Name = amueller-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 09.08.2010 15:22:59 | Computer Name = amueller-PC | Source = Service Control Manager | ID = 7024
Description =
Error - 10.08.2010 03:35:48 | Computer Name = amueller-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 10.08.2010 03:35:48 | Computer Name = amueller-PC | Source = Service Control Manager | ID = 7024
Description =
Error - 10.08.2010 05:18:33 | Computer Name = amueller-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.102 für die Netzwerkkarte mit der Netzwerkadresse
0019D28B409D wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
< End of report > --- --- --- |