| Donald83 | 17.11.2010 08:11 |
Mit dem Aktuellen Malware-Scan hab ich drei Scans Code:
alwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 5129
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975
17.11.2010 02:09:53
mbam-log-2010-11-17 (02-09-53).txt
Art des Suchlaufs: Vollstдndiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 308491
Laufzeit: 1 Stunde(n), 42 Minute(n), 19 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlьssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bцsartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bцsartigen Objekte gefunden)
Infizierte Registrierungsschlьssel:
(Keine bцsartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bцsartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bцsartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bцsartigen Objekte gefunden)
Infizierte Dateien:
(Keine bцsartigen Objekte gefunden)
Code:
alwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 5129
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975
17.11.2010 02:09:53
mbam-log-2010-11-17 (02-09-53).txt
Art des Suchlaufs: Vollstдndiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 308491
Laufzeit: 1 Stunde(n), 42 Minute(n), 19 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlьssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bцsartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bцsartigen Objekte gefunden)
Infizierte Registrierungsschlьssel:
(Keine bцsartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bцsartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bцsartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bцsartigen Objekte gefunden)
Infizierte Dateien:
(Keine bцsartigen Objekte gefunden)
Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4705
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975
29.10.2010 10:03:48
mbam-log-2010-10-29 (10-03-48).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 142027
Laufzeit: 7 Minute(n), 27 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlьssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bцsartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bцsartigen Objekte gefunden)
Infizierte Registrierungsschlьssel:
(Keine bцsartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bцsartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bцsartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bцsartigen Objekte gefunden)
Infizierte Dateien:
(Keine bцsartigen Objekte gefunden)
Und hier die beiden OTL-Scans: Code:
OTL Extras logfile created on: 17.11.2010 08:00:01 - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\*****\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,17 Gb Total Space | 58,14 Gb Free Space | 26,29% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 30,17 Gb Free Space | 12,95% Space Free | Partition Type: NTFS
Drive F: | 2,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive O: | 1397,26 Gb Total Space | 595,41 Gb Free Space | 42,61% Space Free | Partition Type: NTFS
Computer Name: ***** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 6\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03EE9235-A150-4C48-A164-D96B2F99AFB7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{066D68DE-63AF-43A9-9012-9FEF7D48F5E3}" = lport=6956 | protocol=17 | dir=in | name=league of legends launcher |
"{0A703FF0-EFBB-4968-A2C9-C493CBE64386}" = lport=6952 | protocol=6 | dir=in | name=league of legends launcher |
"{0C95C3C9-0CFB-4159-A246-C8688714ED7A}" = lport=6956 | protocol=6 | dir=in | name=league of legends launcher |
"{140689CA-D425-4CE6-967B-058BA9C1CF53}" = lport=6995 | protocol=6 | dir=in | name=league of legends launcher |
"{1497D9C3-3E35-4C3C-9EDC-BE7B7DC3854D}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{190466B0-5961-4BAC-BB81-7EB15C82B4CE}" = lport=8370 | protocol=17 | dir=in | name=league of legends launcher |
"{1A67A59B-E3ED-4473-885D-BBDBF7120E2A}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{1BBD4526-1E38-472E-9A0A-712C5279E99C}" = lport=6912 | protocol=17 | dir=in | name=league of legends launcher |
"{1CC74DCB-51A2-444A-9E5B-FE4FAC925AC2}" = lport=6949 | protocol=6 | dir=in | name=league of legends launcher |
"{20F9B4B5-7759-4A5B-BA2F-B527650A64CC}" = lport=6889 | protocol=6 | dir=in | name=league of legends launcher |
"{22FE3D0A-B97C-4066-A25E-15F06353160D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2448302D-E526-409C-B8BE-BD3525E5113E}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{25B61A8C-5486-40B1-921E-378312EB772E}" = lport=6986 | protocol=17 | dir=in | name=league of legends launcher |
"{2C4C0A7A-5AB8-4962-81DC-73F30F0E98CD}" = lport=6984 | protocol=17 | dir=in | name=league of legends launcher |
"{2D4031D5-BE66-4D98-9339-C7A96B8268B4}" = lport=6986 | protocol=6 | dir=in | name=league of legends launcher |
"{35E21838-828B-4A7B-9CBB-ABE4E5FC3761}" = lport=6898 | protocol=6 | dir=in | name=league of legends launcher |
"{37774D1E-BE44-4D62-924A-EE6837E7BFEC}" = lport=6893 | protocol=6 | dir=in | name=league of legends launcher |
"{37781EB3-3E4F-4296-8A50-CF18116F64CD}" = lport=6912 | protocol=6 | dir=in | name=league of legends launcher |
"{383F5155-AD32-4D86-8D32-5E281297EDCF}" = lport=6994 | protocol=6 | dir=in | name=league of legends launcher |
"{3BAB500F-D27C-46E7-9DDE-D409471CBE0C}" = lport=6997 | protocol=6 | dir=in | name=league of legends launcher |
"{3BC42903-9C7A-49FA-90EF-82A837185643}" = lport=6953 | protocol=17 | dir=in | name=league of legends launcher |
"{41EFC53D-ECDE-44AD-8184-F650D3C8AC0D}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{432F34CA-8AF7-4E92-9692-BF35A74F0231}" = lport=8372 | protocol=17 | dir=in | name=league of legends launcher |
"{43CBCD70-C9A7-49B2-A48B-7C0982D6DCA1}" = lport=6891 | protocol=17 | dir=in | name=league of legends launcher |
"{440A30D1-50B5-4221-9E89-83EF773A6A29}" = lport=6891 | protocol=6 | dir=in | name=league of legends launcher |
"{46AE9F39-3632-4E03-9C41-125059FDF954}" = lport=6991 | protocol=17 | dir=in | name=league of legends launcher |
"{4C6A5397-29EF-4C6B-AFDD-B2D39177EDFB}" = lport=6972 | protocol=6 | dir=in | name=league of legends launcher |
"{4EB3712A-6AF0-45BD-80E7-AF24F9A6B3F6}" = lport=6977 | protocol=17 | dir=in | name=league of legends launcher |
"{61C11934-9246-4A90-A661-9D450E550D54}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{629FD325-4BAD-4146-A33B-77D4C2B0894E}" = lport=6903 | protocol=6 | dir=in | name=league of legends launcher |
"{634498EB-2F64-4FBE-9249-0736C6698BBE}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{6388FD9A-1579-4A80-9C12-908A192EDEBE}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{64C34451-83E4-447C-A4F7-DF1B5D5D1CC7}" = lport=6969 | protocol=6 | dir=in | name=league of legends launcher |
"{64DB6A62-3779-4A60-A741-84E54FBE64A7}" = lport=6994 | protocol=17 | dir=in | name=league of legends launcher |
"{670E13FA-EF0E-4CCF-BD2A-BE4D95B43CB3}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{67689128-4BF1-451A-BE43-4803F7D8C543}" = lport=6903 | protocol=17 | dir=in | name=league of legends launcher |
"{67B3C7CA-7A3A-44C2-86F7-8D6CBBEBE459}" = lport=6965 | protocol=17 | dir=in | name=league of legends launcher |
"{69FF6524-D405-419C-AEAD-69C0358E9A09}" = lport=6972 | protocol=17 | dir=in | name=league of legends launcher |
"{6B0CD4EB-94F8-4FC5-94CE-5AAC78DDCBAF}" = lport=6991 | protocol=6 | dir=in | name=league of legends launcher |
"{6E79D311-3E3C-4EAF-AD69-DB3EA343FB20}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6F7E3855-003D-4DB2-920C-21AC1EFE52C8}" = lport=6952 | protocol=17 | dir=in | name=league of legends launcher |
"{7010BC55-C976-429B-8720-46A5D205C49B}" = lport=8370 | protocol=6 | dir=in | name=league of legends launcher |
"{70BDAFDB-BDD7-4220-B0DB-FF96F70A8728}" = lport=6969 | protocol=17 | dir=in | name=league of legends launcher |
"{72B4E501-7A25-4723-956D-03D7856B8713}" = lport=6932 | protocol=17 | dir=in | name=league of legends launcher |
"{78E77159-0415-4E46-A363-7413CA375D7F}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{79FE29E1-74D3-4DB0-BE56-97C325EEC35D}" = lport=6893 | protocol=17 | dir=in | name=league of legends launcher |
"{7D653BBD-BDC0-4CBB-AF60-2D4B00FE9618}" = lport=6948 | protocol=6 | dir=in | name=league of legends launcher |
"{82325836-2C71-47CF-B2C3-453AC886A82C}" = lport=6886 | protocol=17 | dir=in | name=league of legends launcher |
"{85B6533F-47C2-4D30-8115-88CEDDFFCEAB}" = lport=6968 | protocol=6 | dir=in | name=league of legends launcher |
"{88741878-86B7-4089-ABBC-84598FEB83A3}" = lport=6904 | protocol=6 | dir=in | name=league of legends launcher |
"{89761A80-23C9-4F77-87C5-2CD1F39D70BA}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{8C0B1A97-626A-4128-8AE6-EF0D49359D4E}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{8F5F86CE-F746-414C-94AE-05B9F497486D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{90AB24DB-AA5D-43E5-8076-09C3B1DD3E0B}" = lport=6966 | protocol=17 | dir=in | name=league of legends launcher |
"{98F06DDC-81B7-4D1D-9752-4F908867DFA7}" = lport=6932 | protocol=6 | dir=in | name=league of legends launcher |
"{9BF3B182-F4F3-4342-9F5D-9DAB6358338F}" = lport=6886 | protocol=6 | dir=in | name=league of legends launcher |
"{9DE16A41-901F-4DFF-953B-2F1114798904}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A0CB2EC8-742D-448F-84C9-8E30E9FCED5E}" = lport=6984 | protocol=6 | dir=in | name=league of legends launcher |
"{A1ADB777-0581-4E24-A8BD-4D85C0D4D94B}" = lport=6995 | protocol=17 | dir=in | name=league of legends launcher |
"{A24C12D6-16A3-4687-9525-D886B855B4AC}" = lport=6893 | protocol=17 | dir=in | name=league of legends launcher |
"{A3226539-857A-47DC-AFC6-6599224D9B81}" = lport=6904 | protocol=17 | dir=in | name=league of legends launcher |
"{A5DAD4AB-C8EA-43CD-9F2C-6314A4D23F12}" = lport=6955 | protocol=17 | dir=in | name=league of legends launcher |
"{ABED8504-24C2-4671-9876-1CFF0AB4ED17}" = lport=6898 | protocol=17 | dir=in | name=league of legends launcher |
"{AE2748A2-BC31-4EC0-BE71-4E263F1784DB}" = lport=6889 | protocol=17 | dir=in | name=league of legends launcher |
"{AE94D441-BDD6-43E2-8D6C-4FB13EC117F8}" = lport=6898 | protocol=17 | dir=in | name=league of legends launcher |
"{B25CFF3C-7D7F-479B-B75C-FAD4A06B7099}" = lport=6949 | protocol=17 | dir=in | name=league of legends launcher |
"{B319DE6A-02CA-4167-BECA-592842D323C9}" = lport=6926 | protocol=17 | dir=in | name=league of legends launcher |
"{BB3E3E37-2CFD-4BB0-A798-D200A731D037}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BE3B86A2-F85B-409A-AA46-F568AE7B6339}" = lport=6893 | protocol=6 | dir=in | name=league of legends launcher |
"{BFD56D33-A2C2-4924-ADEB-5BB9C5C90EA5}" = lport=6965 | protocol=6 | dir=in | name=league of legends launcher |
"{C2C87750-8095-4B86-9D7B-90D1E5244151}" = lport=6926 | protocol=6 | dir=in | name=league of legends launcher |
"{C68E58A0-A46C-4DAD-8721-C3F3342A0C7A}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{C999072E-82AE-4DF0-9BC8-EAC267F34E67}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CC0FA939-B454-482E-B818-F7A35C8FFAA7}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{CC2C1915-8E8C-44D7-BF79-C28295C52A53}" = lport=8372 | protocol=6 | dir=in | name=league of legends launcher |
"{D0EC3F2D-3E9F-4C65-AD8C-02909FA7E456}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D1B504F8-0CD7-431E-9401-A274913C17C9}" = lport=6948 | protocol=17 | dir=in | name=league of legends launcher |
"{D31B0531-28F6-4BCA-957B-B555AC63EAB6}" = lport=6977 | protocol=6 | dir=in | name=league of legends launcher |
"{D43F9610-B6D3-43D6-99A5-6CA950530A3A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DB39D2EE-B31C-47CD-B9A9-1E948EFC15AA}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
"{DC96DD37-5A62-4EF3-A1F3-CD722F733930}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DCBD80DA-041B-43AB-A9F6-2F5C25026511}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DE52A8E6-6757-4B30-A8BA-B96A8DD9F37C}" = lport=6968 | protocol=17 | dir=in | name=league of legends launcher |
"{E46CD9B4-47E8-4104-8B5A-1F74A5AE50E4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{E48E2B8F-9F38-4331-B30C-19A5F78CC624}" = lport=6955 | protocol=6 | dir=in | name=league of legends launcher |
"{E8D68D16-4752-4C1E-B23D-A11A252E3740}" = lport=6953 | protocol=6 | dir=in | name=league of legends launcher |
"{EE11BDF5-8034-4076-8F7E-A99A0E8C611A}" = lport=6997 | protocol=17 | dir=in | name=league of legends launcher |
"{EEC63557-7470-4DC5-AD58-39C0058573CD}" = lport=6898 | protocol=6 | dir=in | name=league of legends launcher |
"{F731FD1A-0BAE-4766-9370-99CA32A4216F}" = lport=6966 | protocol=6 | dir=in | name=league of legends launcher |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07F62CEE-6AEF-4F79-A718-34CE011DDB29}" = protocol=17 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{0ED3BE40-6948-492F-BB71-B20472E97C87}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{1379B3FF-4C5A-498C-873B-43565A590422}" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\starcraft ii.exe |
"{1414D924-A300-4BB8-B2AC-DD3EEBAFA2E3}" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\versions\base16561\sc2.exe |
"{17E2A48C-3958-4C35-8F9B-BFE2B0DE41C9}" = protocol=6 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{2550D536-1344-48DA-9506-C810EE4CEE09}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{28B3E006-97EA-48F2-B7BD-9E1F31351DB4}" = protocol=17 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{2C6D3B2F-71A9-4E9D-B600-6497C30256CE}" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\versions\base16561\sc2.exe |
"{36681CAF-140D-4A33-B48A-F0F239CF1263}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{372E5534-7339-4982-B844-19E689910AE1}" = protocol=17 | dir=in | app=d:\spiele\dragon age\bin_ship\daorigins.exe |
"{38928C89-A4BD-4EB3-8B91-A628A0B03CE8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3ECDE124-D1AC-443F-B74F-26CBC994D6AC}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{40CAADE1-BCC8-4D41-959D-47B12BB11F41}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{4B54512D-01CB-4668-BC5A-DCD5EFC68BE5}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{4BB43F2B-DFE8-4FEC-B2CC-A0A701AF84E0}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{4C923F51-D18D-4990-8764-881554747138}" = protocol=17 | dir=in | app=d:\spiele\dragon age\daoriginslauncher.exe |
"{5A5FB2BA-88A1-4A6A-BFF7-FA20839DC33B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7AD3582C-E708-47A4-B048-8850BB9395E2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{813262D8-E91A-4446-80AA-4F8163723AD7}" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\versions\base15405\sc2.exe |
"{8878BC13-C04C-4565-9257-2274421C968A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A8D9666-F3D2-4574-88D7-CA5C2DE06487}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{97D38BD9-818E-410D-A21B-073E417AD70B}" = protocol=17 | dir=in | app=d:\spiele\dragon age\bin_ship\daupdatersvc.service.exe |
"{9893DA45-6328-4687-83F7-D187EE8E4F44}" = protocol=17 | dir=in | app=d:\spiele\league of legends\lol.launcher.exe |
"{9965532F-5337-49C8-8252-5A432723051B}" = protocol=6 | dir=in | app=d:\spiele\dragon age\bin_ship\daorigins.exe |
"{9D7C6265-0D5C-4E06-B1DA-7675D325B543}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A107F0B3-ECA6-43CA-B9BE-833B8A009B98}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A13DE1C4-2BF7-4CEF-A2B8-DCFCA8736CE0}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{A4A37CD0-6017-4BC2-8F2B-7B0016D76701}" = protocol=17 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{AA2C167B-072E-4AAB-A092-3054A757F93D}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{B3A088FC-2A71-4824-B6C1-4B5EAE6B203F}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{B5F1BD3E-7295-48B0-9872-22649D58BA5F}" = protocol=6 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{B67E0E20-6533-4634-9C9A-AB514847AFB6}" = protocol=17 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{B710CCBC-64D5-4D34-89DC-AF7551F9A475}" = protocol=6 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{B7BCFE36-D43A-4820-8543-BE332B9F3151}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{BB118629-82A3-45FC-B32B-285F8877A1B8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{BC278DF2-42BB-4E3E-9862-9AD64748148F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{C3D9D5FE-15D7-4A4B-904D-EE3784921E23}" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\versions\base15405\sc2.exe |
"{C7340AB6-5E19-4C92-895E-8410BD607DD2}" = dir=in | app=d:\spiele\command and conquere\retailexe\1.8\cnc3game.dat |
"{CC890FC2-263B-4799-BCCD-8F41A2F92938}" = protocol=6 | dir=in | app=d:\spiele\dragon age\bin_ship\daupdatersvc.service.exe |
"{CE545EE2-38AD-4FFB-9781-0FD795CB5341}" = protocol=6 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{CEC4059A-802C-4D6F-B56A-A4868D799940}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CF361CC8-E4E8-4E3B-BE96-E003AF482698}" = protocol=6 | dir=in | app=d:\spiele\dragon age\daoriginslauncher.exe |
"{D080B646-1E48-4279-9E54-733C392DF89F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D3FE7C61-C54E-43DE-A040-B2E17E319363}" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\starcraft ii.exe |
"{DD65BED9-9C07-4D1F-8275-7807A443C258}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{EFA26686-299F-44EA-94D8-30223483E885}" = protocol=6 | dir=in | app=d:\spiele\league of legends\lol.launcher.exe |
"{F21B3CF8-F97A-402C-BA7F-CC3D39204D6E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"TCP Query User{0BE1FAE7-0C91-4B6D-AF0D-E2D7DE34B1BB}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{16FCE762-C13B-4155-8514-B439E7D667C8}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe |
"TCP Query User{51B7DED7-678E-42CA-88B9-B9A7BEEA9857}D:\spiele\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\spiele\warcraft iii\war3.exe |
"TCP Query User{68FA9294-1778-451F-98F8-1B2EC1AA17EE}C:\spiele\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft\starcraft.exe |
"TCP Query User{76AC685F-E5B7-4AF0-B772-8A24AA5B3D7F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{7BC59B46-D2CD-4E04-9108-1736C4249688}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{7C4FF448-A5B9-4218-919F-D283FEE022F2}D:\spiele\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\spiele\warcraft iii\war3.exe |
"TCP Query User{B0A71885-3E7B-41D1-8F71-1294B5D5AE6D}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{B0E6FB1C-F230-4F3E-8CF1-1D6FFA83AD99}D:\spiele\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{C563C1C0-A7D8-4F73-9BC7-53A67AAE0F26}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe |
"TCP Query User{E1242A39-59FC-4A63-BCA7-CD5041731657}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{F204888F-6643-44C7-824A-990D2EE9EF58}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{236BEEB4-6086-4F4C-8704-57A77BB026BE}D:\spiele\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\spiele\warcraft iii\war3.exe |
"UDP Query User{241D85B1-D2AB-46F0-9E3A-959221CF9926}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe |
"UDP Query User{40491C1C-6392-454D-BE3E-C5620F74D2E4}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{45EF7D8F-2AD0-40C2-BAEE-DB59D37501EF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{7A286520-51BF-46C4-9DF4-FE4F696E270F}D:\spiele\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\spiele\warcraft iii\war3.exe |
"UDP Query User{98E2F8E0-FFDC-408F-98C6-87A23E534C04}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{B387DD6D-1448-4B0F-8B58-F67D08610AAE}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{B793F513-67CB-4680-8760-EA2025BE539A}D:\spiele\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{BE7DB92B-FBA0-4B8A-A796-F70CE8F9D301}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{D4AFBC30-D21F-46F4-B7C7-DB64F0F1A2D7}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{EA16B840-770F-4ED5-8BE3-997FD7B2D170}C:\spiele\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft\starcraft.exe |
"UDP Query User{F296A832-2C0B-4F55-985A-6FE8C57CDC4D}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{200F584F-848D-4B6B-B1A1-C74D735F18A4}" = InstallRTC
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{62B002C5-1AB3-11D8-8092-00E018B21FC0}" = USB Mass Storage Toolbox
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = pdf24
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{868EC22E-7E82-4760-9265-3F2E705BF24B}" = League of Legends
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_VISPRO_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_VISPRO_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2007
"{90120000-0054-0407-0000-0000000FF1CE}_VISPRO_{60CC0F2D-BFA0-4851-903D-809D876DD87B}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_VISPRO_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B136F351-BF1E-4948-9557-FA6524302ACA}" = SPSS 14.0 für Windows
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}" = Vodafone Mobile Connect Lite
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Sitecom Europe
"{CF097717-F174-4144-954A-FBC4BF301031}" = Nero 7 Premium
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D48EAA77-E526-41EB-894C-BD6A17EABD95}" = TMPGEnc 3.0 XPress
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF4EA1D8-E44E-41BA-B4C4-B4BEFDFCF2AC}" = DaViDeo 4 professional
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FD54066C-59C6-475B-B8A0-A0D26969D8E2}" = Pinnacle PCTV MCE
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVI & MPEG Splitter_is1" = AVI & MPEG Splitter 1.48
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Canon Setup Utility 2.0" = Canon Setup Utility 2.0
"CANONBJ_Deinstall_CNMCP78.DLL" = Canon iP4200
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileHippo.com" = FileHippo.com Update Checker
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"HijackThis" = HijackThis 2.0.2
"HyperCam 2" = HyperCam 2
"InstallShield_{EF4EA1D8-E44E-41BA-B4C4-B4BEFDFCF2AC}" = DaViDeo 4 professional
"IsoBuster_is1" = IsoBuster 2.8
"League of Legends_is1" = League of Legends
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"MAGIX Foto Clinic 5.5 D" = MAGIX Foto Clinic 5.5 (D)
"MAGIX Fotos auf CD & DVD 5.5 e-version D" = MAGIX Fotos auf CD & DVD 5.5 e-version (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 4.0b7 (x86 de)" = Mozilla Firefox 4.0b7 (x86 de)
"Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0
"ratDVD" = ratDVD 0.78.1444
"RealPlayer 12.0" = RealPlayer
"Secunia PSI" = Secunia PSI
"SolveigMM AVI Trimmer" = SolveigMM AVI Trimmer
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.9.0
"VISPRO" = Microsoft Office Visio Professional 2007
"VLC media player" = VLC media player 0.9.8a
"VN_VUIns_Rhine_VIA" = VIA Rhine Family Fast Ethernet Adapter
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"X10Hardware" = X10 Hardware(TM)
"XviD" = XviD MPEG-4 Codec
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 16.11.2010 06:01:50 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul QuickTime.qts_unloaded, Version 0.0.0.0, Zeitstempel
0x4c87d299, Ausnahmecode 0xc0000005, Fehleroffset 0x5e3ebb69, Prozess-ID 0x1748,
Anwendungsstartzeit 01cb85748972ec00.
Error - 16.11.2010 06:02:10 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x5f30bb69, Prozess-ID 0x15c4, Anwendungsstartzeit
01cb85754ba4cdfc.
Error - 16.11.2010 06:02:26 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul rpcontrols1.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x4c078b43, Ausnahmecode 0xc0000005, Fehleroffset 0x626dbb69, Prozess-ID 0x29c,
Anwendungsstartzeit 01cb8575570c6263.
Error - 16.11.2010 06:02:41 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul rpcontrols1.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x4c078b43, Ausnahmecode 0xc0000005, Fehleroffset 0x626dbb69, Prozess-ID 0x8e0,
Anwendungsstartzeit 01cb8575602f4545.
Error - 16.11.2010 06:02:57 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul rpcontrols1.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x4c078b43, Ausnahmecode 0xc0000005, Fehleroffset 0x626dbb69, Prozess-ID 0x13e0,
Anwendungsstartzeit 01cb857569a0d5c1.
Error - 16.11.2010 06:03:13 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul rpcontrols1.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x4c078b43, Ausnahmecode 0xc0000005, Fehleroffset 0x626dbb69, Prozess-ID 0x168c,
Anwendungsstartzeit 01cb85757325790d.
Error - 16.11.2010 06:03:34 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x626dbb69, Prozess-ID 0xae4, Anwendungsstartzeit
01cb85757c991cc9.
Error - 16.11.2010 06:05:52 | Computer Name = ***** | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
Error - 16.11.2010 06:10:45 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x6363bb69, Prozess-ID 0x428, Anwendungsstartzeit
01cb8575d5acf957.
Error - 16.11.2010 15:42:17 | Computer Name = ***** | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
[ Media Center Events ]
Error - 07.03.2008 14:31:04 | Computer Name = ***** | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerAccumulate failed;
Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center
Guide
Error - 13.03.2008 23:26:30 | Computer Name = ***** | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 30.03.2008 21:10:38 | Computer Name = ***** | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 21.04.2008 13:16:22 | Computer Name = ***** | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerAccumulate failed;
Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center
Guide
Error - 09.02.2009 10:54:01 | Computer Name = ***** | Source = Media Center Guide | ID = 13
Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten.
Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen
Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema?
konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton
Error - 09.02.2009 10:54:02 | Computer Name = ***** | Source = Media Center Guide | ID = 13
Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten.
Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen
Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema?
konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton
Error - 21.04.2009 10:42:06 | Computer Name = Chris-PC | Source = Media Center Guide | ID = 13
Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten.
Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen
Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema?
konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton
Error - 21.04.2009 10:42:06 | Computer Name = *****| Source = Media Center Guide | ID = 13
Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten.
Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen
Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema?
konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton
Error - 28.06.2009 06:51:36 | Computer Name = ***** | Source = Media Center Guide | ID = 13
Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten.
Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen
Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema?
konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton
Error - 28.06.2009 06:51:36 | Computer Name = ***** | Source = Media Center Guide | ID = 13
Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten.
Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen
Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema?
konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton
[ System Events ]
Error - 15.11.2010 10:51:10 | Computer Name = ***** | Source = Print | ID = 6161
Description = Das Dokument Der Einfluss des Kindergartens.pdf im Besitz von Chris
konnte nicht auf dem Drucker Canon iP4200 gedruckt werden. Versuchen Sie erneut,
das Dokument zu drucken, oder starten Sie den Druckspooler erneut. Datentyp: NT
EMF 1.008. Gro?e der Spooldatei in Bytes: 45393740. Anzahl der gedruckten Bytes:
17205204. Gesamtanzahl der Seiten des Dokuments: 8. Anzahl der gedruckten Seiten:
0. Clientcomputer: \\CHRIS-PC. Vom Druckprozessor zuruckgegebener Win32-Fehlercode:
1. Unzulassige Funktion.
Error - 15.11.2010 10:56:12 | Computer Name = ***** | Source = Print | ID = 6161
Description = Das Dokument Der Einfluss des Kindergartens.pdf im Besitz von Chris
konnte nicht auf dem Drucker Canon iP4200 gedruckt werden. Versuchen Sie erneut,
das Dokument zu drucken, oder starten Sie den Druckspooler erneut. Datentyp: NT
EMF 1.008. Gro?e der Spooldatei in Bytes: 46376780. Anzahl der gedruckten Bytes:
10167136. Gesamtanzahl der Seiten des Dokuments: 8. Anzahl der gedruckten Seiten:
0. Clientcomputer: \\CHRIS-PC. Vom Druckprozessor zuruckgegebener Win32-Fehlercode:
1. Unzulassige Funktion.
Error - 15.11.2010 19:25:59 | Computer Name = ***** | Source = Service Control Manager | ID = 7011
Description =
Error - 15.11.2010 19:26:29 | Computer Name = ***** | Source = Service Control Manager | ID = 7011
Description =
Error - 15.11.2010 19:26:59 | Computer Name = ***** | Source = Service Control Manager | ID = 7011
Description =
Error - 15.11.2010 19:27:29 | Computer Name = ***** | Source = Service Control Manager | ID = 7011
Description =
Error - 15.11.2010 20:21:17 | Computer Name = ***** | Source = DCOM | ID = 10010
Description =
Error - 15.11.2010 22:19:43 | Computer Name = ***** | Source = DCOM | ID = 10010
Description =
Error - 16.11.2010 05:05:31 | Computer Name = ***** | Source = DCOM | ID = 10010
Description =
Error - 16.11.2010 06:03:43 | Computer Name = ***** | Source = DCOM | ID = 10010
Description =
[ TuneUp Events ]
Error - 02.11.2010 08:11:36 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-02 13:11:36', '\device\harddiskvolume2\program
files\sid meier's civilization v\launcher.exe','3776',0)
Error - 02.11.2010 08:11:57 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-02 13:11:57', '\device\harddiskvolume2\program
files\sid meier's civilization v\civilizationv.exe','2968',0)
Error - 03.11.2010 18:22:39 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-03 23:22:39', '\device\harddiskvolume2\program
files\sid meier's civilization v\launcher.exe','5400',0)
Error - 03.11.2010 18:22:44 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-03 23:22:44', '\device\harddiskvolume2\program
files\sid meier's civilization v\civilizationv.exe','3060',0)
Error - 04.11.2010 07:15:56 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-04 12:15:56', '\device\harddiskvolume2\program
files\sid meier's civilization v\launcher.exe','5184',0)
Error - 04.11.2010 07:17:06 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-04 12:17:06', '\device\harddiskvolume2\program
files\sid meier's civilization v\civilizationv.exe','3804',0)
Error - 04.11.2010 10:18:49 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-04 15:18:49', '\device\harddiskvolume2\program
files\sid meier's civilization v\launcher.exe','504',0)
Error - 04.11.2010 10:18:54 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-04 15:18:54', '\device\harddiskvolume2\program
files\sid meier's civilization v\civilizationv.exe','472',0)
Error - 15.11.2010 20:33:28 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-16 01:33:28', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','3252',0)
Error - 16.11.2010 19:26:42 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-17 00:26:42', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','284',0)
< End of report >
Code:
OTL logfile created on: 17.11.2010 08:00:01 - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\*****\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,17 Gb Total Space | 58,14 Gb Free Space | 26,29% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 30,17 Gb Free Space | 12,95% Space Free | Partition Type: NTFS
Drive F: | 2,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive O: | 1397,26 Gb Total Space | 595,41 Gb Free Space | 42,61% Space Free | Partition Type: NTFS
Computer Name: ***** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Chris\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox 4.0 Beta 6\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox 4.0 Beta 6\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Programme\eMule\emule.exe (hxxp://www.emule-project.net)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software GmbH)
PRC - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
========== Modules (SafeList) ==========
MOD - C:\Users\*****\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe File not found
SRV - (MSSQLServerADHelper) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe File not found
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software GmbH)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (UPnPService) -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
========== Driver Services (SafeList) ==========
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (ddxgb) -- C:\Users\Chris\AppData\Local\Temp\ddxgb.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (FETND6V) -- C:\Windows\System32\drivers\fetnd6v.sys (VIA Technologies, Inc. )
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH)
DRV - (Ph3xIB32) -- C:\Windows\System32\drivers\Ph3xIB32.sys (Philips Semiconductors GmbH)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (xfilt) -- C:\Windows\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc)
DRV - (videX32) -- C:\Windows\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Tosrfbd) -- C:\Windows\System32\drivers\TosRfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\TosRfhid.sys (TOSHIBA Corporation.)
DRV - (TosRfSnd) Bluetooth Audio Device (WDM) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosporte) -- C:\Windows\System32\drivers\Tosporte.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (Tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (toshidpt) -- C:\Windows\System32\drivers\Toshidpt.sys (TOSHIBA Corporation.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = hxxp://www.arcor.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.spiegel.de"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 6\components [2010.11.11 17:17:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugins [2010.09.26 23:01:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.10.29 00:27:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.10.07 12:26:26 | 000,000,000 | ---D | M]
[2010.09.24 15:19:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2010.09.24 15:19:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.10.29 08:56:33 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions
[2010.06.29 09:59:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.27 22:39:15 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008.02.18 13:15:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.10.29 08:55:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.14 23:35:21 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.07.29 14:35:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.16 23:32:38 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.10.08 12:19:37 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.10.10 12:25:32 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\DefaultManager@Microsoft
[2010.02.04 01:24:14 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\moveplayer@movenetworks.com
[2009.11.06 09:36:00 | 000,002,171 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\0hkidv9q.default\searchplugins\bing.xml
[2010.07.29 14:45:54 | 000,000,873 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\0hkidv9q.default\searchplugins\conduit.xml
[2010.11.13 13:01:26 | 000,001,056 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\0hkidv9q.default\searchplugins\icqplugin.xml
[2010.09.22 12:59:15 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2007.06.03 21:19:55 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008.06.30 23:16:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
O1 HOSTS File: ([2010.09.23 21:46:46 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe (hxxp://www.emule-project.net)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.11.01 04:47:57 | 000,000,000 | R--D | M] - F:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2005.11.01 04:09:50 | 000,729,088 | R--- | M] (Electronic Arts Inc.) - F:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2005.11.01 04:43:36 | 000,000,160 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2005.10.14 09:02:16 | 000,585,728 | R--- | M] (Electronic Arts Inc.) - F:\AutoRunGUI.dll -- [ UDF ]
O32 - AutoRun File - [2010.01.21 03:47:35 | 000,000,000 | RH-D | M] - O:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk O:\
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.11.16 10:37:21 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\QuickStoresToolbar
[2010.11.16 10:37:20 | 000,000,000 | ---D | C] -- C:\Programme\Unlocker
[2010.11.16 01:40:21 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2010.11.04 10:42:36 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Blumio
[2010.10.29 08:55:40 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.2
[2010.10.26 22:55:19 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.10.26 22:55:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.10.26 22:55:16 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.24 11:28:10 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.10.24 11:28:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.10.24 11:28:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2008.12.27 16:31:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Chris\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.11.17 08:00:00 | 000,000,500 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2010.11.17 07:06:56 | 000,206,537 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.11.17 07:06:55 | 000,206,537 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.11.17 06:42:31 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.17 06:42:31 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.16 20:42:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.16 15:11:27 | 000,299,226 | ---- | M] () -- C:\Users\Chris\Desktop\151-148-1-PB.pdf
[2010.11.16 15:03:33 | 000,170,882 | ---- | M] () -- C:\Users\Chris\Desktop\hoffmann_schule.pdf
[2010.11.16 14:48:19 | 001,061,188 | ---- | M] () -- C:\Users\Chris\Desktop\iv06_akibilanz4a.pdf
[2010.11.16 14:28:15 | 000,302,080 | ---- | M] () -- C:\Users\Chris\Desktop\rainer_geissler_-_die_metamorphose_der_katholischen_arbeitertochter_zum_migrantensohn.doc
[2010.11.16 13:57:20 | 000,180,224 | ---- | M] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.16 01:40:21 | 000,001,880 | ---- | M] () -- C:\Users\Chris\Desktop\HijackThis.lnk
[2010.11.16 01:09:24 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010.11.16 00:25:04 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.11.15 13:23:46 | 000,303,970 | ---- | M] () -- C:\Users\Chris\Desktop\Der Einfluss des Kindergartens.pdf
[2010.11.15 12:48:11 | 000,147,019 | ---- | M] () -- C:\Users\Chris\Desktop\Integration und Ganztagsbildung.docx
[2010.11.15 12:47:54 | 005,246,597 | ---- | M] () -- C:\Users\Chris\Desktop\Sprachliche Leistungen in der Einschulungsuntersuchung.pdf
[2010.11.15 12:36:00 | 000,654,650 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.15 12:36:00 | 000,616,532 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.15 12:36:00 | 000,137,000 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.15 12:36:00 | 000,112,060 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.15 10:25:29 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.11.14 18:59:41 | 002,419,661 | ---- | M] () -- C:\Users\Chris\Desktop\Deutsches_Reich1.jpg
[2010.11.14 18:53:10 | 000,003,129 | ---- | M] () -- C:\Users\Chris\Documents\Mastersongs.m3u
[2010.11.13 21:57:56 | 000,065,536 | ---- | M] () -- C:\Users\Chris\Desktop\fc3fd199-00f5-467f-9a66-686b84cde99e.jpg
[2010.11.12 14:34:48 | 000,524,935 | ---- | M] () -- C:\Users\Chris\Desktop\05314.pdf
[2010.11.12 10:46:49 | 000,071,693 | ---- | M] () -- C:\Users\Chris\Desktop\Schulen nach Form des Ganztagsangebots 2008.jpg
[2010.11.11 15:44:32 | 001,646,206 | ---- | M] () -- C:\Users\Chris\Desktop\kita_regional.pdf
[2010.11.09 20:45:18 | 1623,351,296 | ---- | M] () -- C:\Users\Chris\Desktop\exq-avatar.erw.kino-xvid-b.avi
[2010.11.09 19:39:22 | 1464,657,920 | ---- | M] () -- C:\Users\Chris\Desktop\exq-avatar.erw.kino-xvid-a.avi
[2010.11.09 16:31:00 | 000,201,840 | ---- | M] () -- C:\Users\Chris\Desktop\steuer09_anlage_kap.pdf
[2010.11.08 19:52:57 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.11.08 19:52:57 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.11.04 11:19:23 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.04 11:15:39 | 000,319,982 | ---- | M] () -- C:\Users\Chris\Desktop\GTS_2008.pdf
[2010.10.24 11:26:52 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.10.24 11:26:52 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.10.24 11:26:52 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.10.24 11:26:50 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.10.19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.11.16 15:11:26 | 000,299,226 | ---- | C] () -- C:\Users\Chris\Desktop\151-148-1-PB.pdf
[2010.11.16 15:03:33 | 000,170,882 | ---- | C] () -- C:\Users\Chris\Desktop\hoffmann_schule.pdf
[2010.11.16 14:48:19 | 001,061,188 | ---- | C] () -- C:\Users\Chris\Desktop\iv06_akibilanz4a.pdf
[2010.11.16 14:28:14 | 000,302,080 | ---- | C] () -- C:\Users\Chris\Desktop\rainer_geissler_-_die_metamorphose_der_katholischen_arbeitertochter_zum_migrantensohn.doc
[2010.11.16 01:40:21 | 000,001,880 | ---- | C] () -- C:\Users\Chris\Desktop\HijackThis.lnk
[2010.11.15 12:47:54 | 005,246,597 | ---- | C] () -- C:\Users\Chris\Desktop\Sprachliche Leistungen in der Einschulungsuntersuchung.pdf
[2010.11.15 12:27:34 | 000,303,970 | ---- | C] () -- C:\Users\Chris\Desktop\Der Einfluss des Kindergartens.pdf
[2010.11.15 10:25:29 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.11.14 18:59:39 | 002,419,661 | ---- | C] () -- C:\Users\Chris\Desktop\Deutsches_Reich1.jpg
[2010.11.14 18:53:10 | 000,003,129 | ---- | C] () -- C:\Users\Chris\Documents\Mastersongs.m3u
[2010.11.14 15:30:50 | 1623,351,296 | ---- | C] () -- C:\Users\Chris\Desktop\exq-avatar.erw.kino-xvid-b.avi
[2010.11.14 15:28:02 | 1464,657,920 | ---- | C] () -- C:\Users\Chris\Desktop\exq-avatar.erw.kino-xvid-a.avi
[2010.11.13 21:57:56 | 000,065,536 | ---- | C] () -- C:\Users\Chris\Desktop\fc3fd199-00f5-467f-9a66-686b84cde99e.jpg
[2010.11.12 14:34:48 | 000,524,935 | ---- | C] () -- C:\Users\Chris\Desktop\05314.pdf
[2010.11.12 10:46:48 | 000,071,693 | ---- | C] () -- C:\Users\Chris\Desktop\Schulen nach Form des Ganztagsangebots 2008.jpg
[2010.11.11 15:44:32 | 001,646,206 | ---- | C] () -- C:\Users\Chris\Desktop\kita_regional.pdf
[2010.11.09 16:27:23 | 000,201,840 | ---- | C] () -- C:\Users\Chris\Desktop\steuer09_anlage_kap.pdf
[2010.11.04 12:14:16 | 000,147,019 | ---- | C] () -- C:\Users\Chris\Desktop\Integration und Ganztagsbildung.docx
[2010.11.04 11:15:39 | 000,319,982 | ---- | C] () -- C:\Users\Chris\Desktop\GTS_2008.pdf
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.08.25 16:33:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.12.29 01:25:39 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.12.19 12:36:31 | 000,206,537 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.12.19 12:36:30 | 000,206,537 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.06.19 19:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009.03.24 17:19:25 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.03.24 17:19:24 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.03.24 17:19:24 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2008.12.28 18:37:03 | 000,000,671 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
[2008.12.27 16:34:30 | 000,000,033 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.log
[2008.12.27 16:31:19 | 000,007,887 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.cat
[2008.12.27 16:31:19 | 000,001,144 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.inf
[2008.08.27 01:01:40 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2008.08.27 01:00:40 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2008.08.27 01:00:40 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2008.08.27 01:00:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2008.08.27 01:00:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth2.dll
[2008.08.27 01:00:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth1.dll
[2008.08.27 01:00:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nsprs.dll
[2008.06.23 13:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.05.31 11:23:51 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.05.23 17:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2008.05.15 16:46:34 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2008.05.15 16:46:25 | 000,000,098 | ---- | C] () -- C:\Windows\WirelessFTP.INI
[2008.04.01 15:56:08 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.04.01 15:56:06 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2007.12.14 16:32:08 | 000,000,321 | ---- | C] () -- C:\Windows\homeDVD-Fotos5_5.INI
[2007.11.30 17:08:17 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2007.11.22 13:53:48 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2007.11.18 11:25:48 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2
[2007.09.26 21:17:59 | 000,394,240 | ---- | C] () -- C:\Windows\System32\Smab.dll
[2007.09.26 21:17:59 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2007.09.09 13:32:52 | 000,135,168 | ---- | C] () -- C:\Windows\System32\DVDEncoder.dll
[2007.09.08 15:30:29 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.08.03 15:29:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\DVDKeyAuth.dll
[2007.05.29 07:55:10 | 000,008,220 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2007.05.28 17:52:17 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2007.04.08 18:51:16 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.04.08 18:12:41 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2007.04.08 15:45:56 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2007.03.14 15:47:22 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2007.03.08 23:32:11 | 000,000,552 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d8caps.dat
[2007.03.01 21:58:48 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS78.DLL
[2007.02.28 16:44:53 | 000,001,356 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2007.02.27 15:05:43 | 000,000,646 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.02.27 03:47:14 | 000,000,632 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\wklnhst.dat
[2007.02.27 03:38:15 | 000,000,402 | ---- | C] () -- C:\Windows\wininit.ini
[2007.02.27 02:32:35 | 000,180,224 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.10.27 08:26:56 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll
[2006.04.13 10:30:06 | 001,073,152 | ---- | C] () -- C:\Windows\System32\libmysql_c.dll
[2004.12.14 12:04:48 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2004.12.14 12:02:49 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2004.12.02 14:20:18 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2004.09.22 09:09:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2004.08.30 12:26:16 | 000,389,120 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2004.07.20 16:04:02 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll
[2004.01.15 13:43:28 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TBTMonUI.dll
[2003.07.29 14:33:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\TosHidAPI.dll
[2000.04.10 11:33:28 | 000,027,494 | ---- | C] () -- C:\Programme\Troubleshooting.htm
[2000.04.10 11:31:42 | 000,054,272 | ---- | C] () -- C:\Programme\Troubleshooting.doc
[2000.04.10 11:31:42 | 000,021,473 | ---- | C] () -- C:\Programme\Update.txt
========== Files - Unicode (All) ==========
[2007.02.25 09:27:30 | 000,904,439 | ---- | C] ()(C:\Umweltbewu?tsein 2006.pdf) -- C:\Umweltbewußtsein 2006.pdf
[2007.02.22 21:57:32 | 000,904,439 | ---- | M] ()(C:\Umweltbewu?tsein 2006.pdf) -- C:\Umweltbewußtsein 2006.pdf
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:9AEE100C
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:94A19129
< End of report >
|
