Malewarebytes - Ergebnisse des Quick-Scans
Hier meine Ergebnisse des Quickscans mit dem Programm Malwarebytes:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.06.25.06
Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.18865
Martin :: xxx-PC [Administrator]
Schutz: Aktiviert
25.06.2012 13:57:06
mbam-log-2012-06-25 (13-57-06).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 221616
Laufzeit: 8 Minute(n), 9 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 2
HKCU\SOFTWARE\Microsoft\cs41275 (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
OTL.txt:
OTL Logfile: Code:
OTL logfile created on: 25.06.2012 14:22:19 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\xxx\Pictures\experience
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,43% Memory free
4,23 Gb Paging File | 3,22 Gb Available in Paging File | 76,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137,53 Gb Total Space | 16,20 Gb Free Space | 11,78% Space Free | Partition Type: NTFS
Drive D: | 11,51 Gb Total Space | 2,15 Gb Free Space | 18,66% Space Free | Partition Type: NTFS
Computer Name: xxx | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.25 14:22:02 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Pictures\experience\OTL.exe
PRC - [2012.06.21 17:42:10 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.06.21 17:19:13 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
PRC - [2012.05.26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\xxx\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.21 17:42:09 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.06.21 17:19:13 | 009,459,912 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_262.dll
MOD - [2007.09.30 20:33:32 | 000,066,856 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\common\MCEMediaStatus.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Users\xxx\AppData\Local\Temp\TMIFUX.exe -- (TMIFUX)
SRV - File not found [On_Demand | Stopped] -- C:\Users\xxx\AppData\Local\Temp\RGVKDRKEUZ.exe -- (RGVKDRKEUZ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - File not found [On_Demand | Stopped] -- C:\Users\xxx\AppData\Local\Temp\KFXO.exe -- (KFXO)
SRV - File not found [On_Demand | Stopped] -- C:\Users\xxx\AppData\Local\Temp\JIQK.exe -- (JIQK)
SRV - File not found [On_Demand | Stopped] -- C:\Users\xxx\AppData\Local\Temp\GMBPZ.exe -- (GMBPZ)
SRV - File not found [On_Demand | Stopped] -- F:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2012.06.21 17:42:09 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.30 20:31:26 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009.08.24 14:16:12 | 000,378,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 09:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.19 09:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.03.26 04:11:16 | 000,225,280 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007.03.26 04:11:16 | 000,131,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2007.03.05 11:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wg111v2.sys -- (RTL8187)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.10.28 20:52:47 | 000,039,016 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2009.03.02 21:12:02 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.02.09 08:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.02.09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.02.09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.12.04 03:42:00 | 007,606,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.03.04 02:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008.02.23 21:10:07 | 000,085,713 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gmer.sys -- (gmer)
DRV - [2008.01.30 03:41:42 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2008.01.19 07:53:22 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008.01.14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007.10.18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.10.11 04:17:56 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007.07.11 11:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007.06.18 18:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.05.30 16:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.03.21 23:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.03.07 04:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007.02.24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.02.16 23:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.01.23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
IE - HKLM\..\SearchScopes\{160DB79B-FE46-41D8-A2F7-3C3A5A247AAE}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{DE0A07AA-BDB3-475C-AB03-039789E444B3}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
IE - HKCU\..\SearchScopes\{160DB79B-FE46-41D8-A2F7-3C3A5A247AAE}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{9D99576C-BD4D-4F42-A23F-075C18545BAC}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=MYC-ST&o=102869&src=crm&q={searchTerms}&locale=&apn_ptnrs=5J&apn_dtid=YYYYYYYYDE&apn_uid=27d32dc7-97ea-4b58-83d6-bbca6756f10e&apn_sauid=1FBB20EC-CECB-415D-B6A3-4A6770126516
IE - HKCU\..\SearchScopes\{DE0A07AA-BDB3-475C-AB03-039789E444B3}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=414&sr=0&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=2: C:\Users\xxx\AppData\Local\Google\Update\1.2.121.9\npGoogleOneClick.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.07.12 00:09:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.21 17:42:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.30 11:24:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.07.16 16:07:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2012.03.11 18:52:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2010.07.16 16:07:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.06.24 19:39:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\dv0jhm7m.default\extensions
[2012.01.03 18:17:10 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\dv0jhm7m.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2011.01.11 20:30:33 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\dv0jhm7m.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011.07.30 02:38:07 | 000,002,400 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\dv0jhm7m.default\searchplugins\askcom.xml
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\dv0jhm7m.default\searchplugins\icqplugin.xml
[2012.03.11 14:38:14 | 000,002,515 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\dv0jhm7m.default\searchplugins\Search_Results.xml
[2012.06.21 17:42:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.12.28 11:49:24 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.06.24 19:39:23 | 000,013,459 | ---- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DV0JHM7M.DEFAULT\EXTENSIONS\{E6C1199F-E687-42DA-8C24-E7770CC3AE66}.XPI
[2012.06.21 17:42:10 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.01.23 21:41:00 | 000,800,344 | ---- | M] (America Online, Inc.) -- C:\Program Files\mozilla firefox\plugins\npampx3.0.84.2.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.06.21 17:42:03 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.21 17:42:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.21 17:42:03 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.21 17:42:03 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.11 14:38:14 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012.06.21 17:42:03 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.21 17:42:03 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2008.12.03 11:47:56 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\xxx\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 227
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Lokales Intranet)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC3A04A0-F023-46A4-B61A-61A52850D1EC}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E248EFE8-5C9E-416A-95A8-55E63C8ABC2E}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEC2A99E-E9AD-4CB6-A30F-AA84AF70FAD6}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\xxx\Desktop\Frankfurt02.jpg
O24 - Desktop BackupWallPaper: C:\Users\xxx\Desktop\Frankfurt02.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.25 13:56:03 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2012.06.25 13:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.25 13:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.25 13:55:51 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.25 13:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.25 13:52:12 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\xxx\Desktop\mbam-setup-1.61.0.1400.exe
[2012.06.22 19:37:46 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\login
[2012.06.21 17:42:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.21 17:42:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.06.21 14:58:48 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Macromedia
[2012.06.16 17:52:29 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\tgudy
[2012.06.04 16:46:54 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\bilder_page
========== Files - Modified Within 30 Days ==========
[2012.06.25 14:33:00 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F578F9FB-12F5-4721-A6AC-31C861D9C89F}.job
[2012.06.25 14:20:20 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2012.06.25 14:19:51 | 000,264,500 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.06.25 14:18:42 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.25 14:18:11 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.25 14:18:11 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.25 14:17:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.25 14:16:39 | 000,000,020 | ---- | M] () -- C:\Users\xxx\defogger_reenable
[2012.06.25 13:55:54 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.25 13:53:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.25 13:51:58 | 000,264,500 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.06.25 13:50:06 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\xxx\Desktop\mbam-setup-1.61.0.1400.exe
[2012.06.25 13:47:16 | 001,012,656 | ---- | M] () -- C:\Users\xxx\Desktop\rkill.com
[2012.06.04 17:40:32 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.04 17:40:32 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.04 17:40:32 | 000,122,648 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.04 17:40:32 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.31 20:18:04 | 000,000,101 | ---- | M] () -- C:\Users\xxx\Desktop\cPix.ini
[2012.05.28 17:19:53 | 000,014,848 | ---- | M] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== Files Created - No Company Name ==========
[2012.06.25 14:16:05 | 000,000,020 | ---- | C] () -- C:\Users\xxx\defogger_reenable
[2012.06.25 13:55:54 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.25 13:52:12 | 001,012,656 | ---- | C] () -- C:\Users\xxx\Desktop\rkill.com
[2011.04.26 14:03:08 | 000,173,412 | ---- | C] () -- C:\Windows\hpwins12.dat
[2011.04.26 14:02:31 | 000,009,847 | ---- | C] () -- C:\Windows\hpwscr12.dat
[2011.04.26 14:02:31 | 000,000,981 | ---- | C] () -- C:\Windows\hpwmdl12.dat
[2011.01.27 15:31:28 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.09.11 10:13:19 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.04.13 11:06:30 | 014,169,764 | ---- | C] () -- C:\Program Files\setup.EXE
[2010.01.15 19:08:29 | 002,755,142 | ---- | C] () -- C:\Users\xxx\2330_mp3_07_mp3.mp3
[2009.10.20 20:22:12 | 000,000,680 | ---- | C] () -- C:\Users\xxx\AppData\Local\d3d9caps.dat
[2009.07.11 21:37:02 | 000,000,169 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\default.rss
[2009.01.01 10:35:39 | 000,264,500 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.01.01 10:35:39 | 000,264,500 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.11.16 21:33:30 | 000,531,268 | ---- | C] () -- C:\Program Files\PIXO RESCUE INSTALL.exe
[2008.09.28 21:12:39 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008.01.06 21:06:52 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008.01.04 21:05:15 | 000,014,848 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.28 21:04:20 | 000,095,022 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\nvModes.001
[2007.12.28 21:01:25 | 000,095,022 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\nvModes.dat
========== LOP Check ==========
[2012.03.21 21:31:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canneverbe Limited
[2012.03.22 22:40:25 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canon
[2012.05.14 20:26:29 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\elsterformular
[2008.03.16 16:03:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\FDRLab
[2012.03.12 21:35:59 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\FreeVideoConverter
[2011.12.28 09:54:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ICQ
[2008.02.08 13:56:41 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Image Zone Express
[2009.11.16 19:40:22 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\MAGIX
[2011.07.30 02:47:21 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ManyCam
[2009.10.12 21:02:06 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Mp3tag
[2009.07.12 00:11:21 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nokia
[2011.07.21 09:26:59 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nvu
[2008.11.10 16:19:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org
[2009.01.04 09:24:55 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Orbit
[2009.07.12 00:25:27 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PC Suite
[2011.11.12 22:02:18 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\phonostar GmbH
[2011.07.17 21:08:59 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\phonostar-Player
[2008.06.29 00:58:21 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PlayFirst
[2008.02.08 13:43:40 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Printer Info Cache
[2010.08.29 19:47:05 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Research In Motion
[2008.01.18 11:28:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\S.A.D
[2010.07.16 16:43:35 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\streamripper
[2010.07.16 16:07:09 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Thunderbird
[2010.06.30 11:07:20 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\VistaCodecs
[2012.06.25 14:16:57 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.06.25 14:33:00 | 000,000,430 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F578F9FB-12F5-4721-A6AC-31C861D9C89F}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:C980DA7D
< End of report >
--- --- ---
Extras.txt:
OTL Logfile: Code:
OTL Extras logfile created on: 25.06.2012 14:22:19 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\xxx\Pictures\experience
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,43% Memory free
4,23 Gb Paging File | 3,22 Gb Available in Paging File | 76,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137,53 Gb Total Space | 16,20 Gb Free Space | 11,78% Space Free | Partition Type: NTFS
Drive D: | 11,51 Gb Total Space | 2,15 Gb Free Space | 18,66% Space Free | Partition Type: NTFS
Computer Name: xxx | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06BBF3D8-24AE-4A4E-BCA2-DC33C918F5DF}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{17466727-3CB5-481C-A8E5-F984B8204C84}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{1754D6E8-CB51-4562-A8CC-B6E210DDAC1A}" = lport=445 | protocol=6 | dir=in | app=system |
"{21A53066-7BAF-4B3D-9572-4738E2298B18}" = rport=445 | protocol=6 | dir=out | app=system |
"{2D43E1BE-6A83-49F7-9FC9-51440E90E299}" = rport=137 | protocol=17 | dir=out | app=system |
"{3A1D86D2-A980-4CA5-B7AA-D8D8118AB36C}" = lport=49169 | protocol=6 | dir=in | name=akamai netsession interface |
"{4E28B29A-6141-4BD9-94CE-AD85083600D1}" = lport=138 | protocol=17 | dir=in | app=system |
"{556F89A1-EE14-4778-B38A-A7A57657D19B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5881B704-8CB2-4A08-A828-6AED46D768FF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5E25C5E9-8059-4B7C-A204-ABA96D11D0BA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6DC93670-5912-4692-9B95-EF0E87B1A302}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{71342145-8DE0-4430-9C49-DC652E76EB97}" = lport=139 | protocol=6 | dir=in | app=system |
"{75426BE3-7068-4641-9774-052BBBF86C36}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{75B0617E-B24B-4494-A9DB-E417E148A721}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{859A7099-24E9-4756-9A4A-C0090E96F7BD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9208F6B5-6EA5-445C-BF56-ABD61F069002}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{9553B7B2-1F25-420A-A404-76226B0DC716}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{96DF2104-EDA4-4BED-803B-1731705DF8DA}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{9B1322A7-8A40-4F38-8E45-AD2E937B30D3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B9772632-9D21-412E-ACA5-2C60970AD4C4}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BCE2385A-3A17-4B5D-BED1-5D0A28AB2D4F}" = lport=137 | protocol=17 | dir=in | app=system |
"{D587BA1F-E3C2-42BF-889F-66A99B072E36}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E6493F72-960C-4559-B9EF-A813BAF84019}" = rport=138 | protocol=17 | dir=out | app=system |
"{EF872269-0188-44B0-AF08-F7CC27F8837D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F9F201DB-FCA0-4339-BBB3-DB7C4060BBC9}" = rport=139 | protocol=6 | dir=out | app=system |
"{FA8ABBD8-2B71-47D2-A84A-C8BD434C0268}" = rport=2869 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01371A12-CF9E-485D-BAF3-9EE369B3659B}" = protocol=6 | dir=in | app=c:\program files\hewlett-packard\hp quick launch buttons\qlbctrl.exe |
"{0E00A7B0-3E2B-4A55-A9A4-56E7195B9754}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{2537FA7B-1BC4-4F73-885B-73DF381C4ECC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3E93236D-DF46-423D-82CB-6901F5D07DC2}" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"{40C90594-993F-4FB1-AB45-7D48E165C801}" = protocol=17 | dir=in | app=c:\windows\system32\dwm.exe |
"{44F80B60-BA57-4ED5-A1E1-2C9A5DC965DB}" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"{4ADAD00F-317E-4CC5-B2B9-02F2CA096ED8}" = protocol=6 | dir=in | app=c:\windows\system32\wininit.exe |
"{4DE01A4D-4665-46C4-A386-EC55B6467693}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{52F8108B-01B9-431C-A3D1-470A6C3028C7}" = protocol=6 | dir=in | app=c:\windows\system32\dwm.exe |
"{5F977339-B7E8-4136-953C-4602622DCB22}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{60C69B5A-738A-4674-87B4-2666211DAECA}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{6817AAB6-0205-4034-9C2A-75A302BE98EA}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{711AB593-E125-4AF8-8673-8517C82E7F8B}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{744D39A7-8103-4988-9ECD-85DDE9EF7BF1}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{81DA0A47-FE52-4D99-85D8-9273DC49E62E}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{8A65FABC-B338-4027-B66F-18ED35F0332D}" = protocol=17 | dir=in | app=c:\program files\hewlett-packard\hp quick launch buttons\qlbctrl.exe |
"{90774EEC-1534-4ABC-8BB4-527E2F51FB69}" = protocol=6 | dir=in | app=c:\users\xxx\appdata\local\akamai\netsession_win.exe |
"{92DCB33F-E051-451B-8719-2221865CCD5D}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{9DF3E758-BA47-4A4F-99FA-07853460D322}" = protocol=17 | dir=in | app=c:\windows\system32\logonui.exe |
"{A1311FF8-01B0-4084-B2D9-37A836FC01BA}" = protocol=17 | dir=in | app=c:\windows\system32\wininit.exe |
"{A4369538-FE65-4318-BB9F-30C5021D92E0}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{A765ECCF-69BF-472F-B933-48485A121CFA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AC70F380-EEB4-42E3-9B56-94AF7ED06FC4}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{B6178AD2-82DE-4637-9C36-12A2BB4D5B69}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B6B5E586-0CE3-4903-A26F-D6120AC8E669}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BCA65CD3-55D6-4935-B09D-832733FA0FB7}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C0DDC7D4-F489-4444-B5BB-E066ABBD222E}" = protocol=6 | dir=in | app=c:\windows\system32\logonui.exe |
"{D16B54F7-3F12-452C-A410-EA8D233D6C0F}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{D8604637-F7F5-4043-AC44-6211534BACE9}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{D8C51888-9125-4C32-832B-5F050EA5B8F8}" = protocol=17 | dir=in | app=c:\users\xxx\appdata\local\akamai\netsession_win.exe |
"{D91C4E72-A889-403F-9D66-9FAED86BB31B}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{E28D2173-8088-440D-812B-AFBB9731A65F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{ED529B6F-367F-4BEC-BCDA-AB6BE3C50026}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{F7EB9153-A1A1-4F4D-BA71-379AB37A34A4}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{FA2AC6B2-201E-4C4D-8D86-B2AEE2B66406}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{FDC3C43C-AF97-4148-9EA6-6A8348C5309D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{156E0B0D-C489-4A76-9118-86554593A6C9}C:\program files\fdrlab\anytv\anytv.exe" = protocol=6 | dir=in | app=c:\program files\fdrlab\anytv\anytv.exe |
"TCP Query User{255072F7-D09F-48BF-B26A-8690780BF22C}C:\users\xxx\webseite\typo3_452\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\users\xxx\webseite\typo3_452\apache\bin\apache.exe |
"TCP Query User{2AD900ED-EA72-482C-AC96-FA78FF7162A6}C:\users\xxx\webseite\typo3-lokal\typo3_4.3.0\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\users\xxx\webseite\typo3-lokal\typo3_4.3.0\apache\bin\apache.exe |
"TCP Query User{2F1F0A60-C05D-4167-BA54-682CE899F7A4}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{33B81538-A5F8-43DF-BBC8-11E2DBCF611D}C:\program files\webmediaplayer\webmediaplayer.exe" = protocol=6 | dir=in | app=c:\program files\webmediaplayer\webmediaplayer.exe |
"TCP Query User{3B2B50E1-81F9-4AA8-BEA1-7DD813C3BFA1}C:\users\xxx\webseite\typo3_4.5.0\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\users\xxx\webseite\typo3_4.5.0\apache\bin\apache.exe |
"TCP Query User{42425A31-685C-4BB6-B189-B28F077D09CC}C:\users\xxx\webseite\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\xxx\webseite\xampp\mysql\bin\mysqld.exe |
"TCP Query User{4648459C-291D-4ED2-8346-BFDFE5ECB06A}C:\users\xxx\webseite\xampp\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\xxx\webseite\xampp\xampp\mysql\bin\mysqld.exe |
"TCP Query User{48EDF041-E074-4433-A8CF-9164B3BF78D7}C:\program files\ws_ftp\ws_ftp95.exe" = protocol=6 | dir=in | app=c:\program files\ws_ftp\ws_ftp95.exe |
"TCP Query User{4E4CAEF2-8825-4744-BC03-46BC561FA101}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{52AED8CA-71CE-4328-ADD6-C26F11D55AB5}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{569F5DE3-ACA1-4F76-971B-F91E9136C632}C:\users\xxx\webseite\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\users\xxx\webseite\xampp\apache\bin\httpd.exe |
"TCP Query User{7EEC5B07-AD92-4181-9267-947862DA3E5F}C:\users\xxx\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\xxx\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"TCP Query User{83173477-5E4A-49A6-894A-C8D1ADB0E165}F:\typo3_4.2.3\apache\bin\apache.exe" = protocol=6 | dir=in | app=f:\typo3_4.2.3\apache\bin\apache.exe |
"TCP Query User{9508CC10-4B9B-43E5-AC5A-E87F740B65F4}C:\users\xxx\webseite\typo3winstaller\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\users\xxx\webseite\typo3winstaller\apache\bin\apache.exe |
"TCP Query User{A7BDFDBF-42CB-45B7-9F45-E6C4E7894DA3}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{A8581407-709C-41A9-B698-8819441B07B9}C:\users\xxx\webseite\wamp\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\users\xxx\webseite\wamp\apache\bin\apache.exe |
"TCP Query User{AA2B66F2-E6AE-47B3-979B-0A227CE24811}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{B36602D7-2404-4CD5-8D5B-1458033F6863}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{B667C8F0-5F6B-43F9-B348-EB8DE7305138}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{B8323DFD-DC91-4458-8793-9931E935D9DF}C:\users\xxx\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe" = protocol=6 | dir=in | app=c:\users\xxx\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe |
"TCP Query User{D891E9A9-5594-40B3-9B9C-F2C3CD698B51}G:\typo3_4.2.3\apache\bin\apache.exe" = protocol=6 | dir=in | app=g:\typo3_4.2.3\apache\bin\apache.exe |
"TCP Query User{DD2123A2-63D2-4A47-97FA-2EBAA5F8D971}C:\program files\audiojack 2\ajack2.exe" = protocol=6 | dir=in | app=c:\program files\audiojack 2\ajack2.exe |
"TCP Query User{F6C3EE7A-8F92-499F-905C-74B82FD71637}C:\users\xxx\webseite\xampp\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\users\xxx\webseite\xampp\xampp\apache\bin\httpd.exe |
"TCP Query User{FC00A5C0-F4FA-4FEE-8CD1-252DE4396763}C:\users\xxx\webseite\xampp\filezillaftp\filezilla server.exe" = protocol=6 | dir=in | app=c:\users\xxx\webseite\xampp\filezillaftp\filezilla server.exe |
"UDP Query User{0010DEED-C314-44E0-BCD6-886D9F8A4FFC}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{19C0CF8A-EF29-4D36-8A83-59C92533333A}C:\users\xxx\webseite\xampp\filezillaftp\filezilla server.exe" = protocol=17 | dir=in | app=c:\users\xxx\webseite\xampp\filezillaftp\filezilla server.exe |
"UDP Query User{224A72A6-69E6-4B1F-8729-F5789FB55EE9}C:\program files\audiojack 2\ajack2.exe" = protocol=17 | dir=in | app=c:\program files\audiojack 2\ajack2.exe |
"UDP Query User{2E174834-A641-4957-9FF4-CD180B46459A}C:\program files\webmediaplayer\webmediaplayer.exe" = protocol=17 | dir=in | app=c:\program files\webmediaplayer\webmediaplayer.exe |
"UDP Query User{40B00F59-89B5-4C20-B6EA-2A3D1A7969AD}C:\program files\fdrlab\anytv\anytv.exe" = protocol=17 | dir=in | app=c:\program files\fdrlab\anytv\anytv.exe |
"UDP Query User{4CF06022-BE00-46F3-AE9E-265BE5DB0F38}C:\users\xxx\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\xxx\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{4DFFC108-892D-4A26-A688-5763EBD0DDA9}C:\users\xxx\webseite\typo3-lokal\typo3_4.3.0\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\users\xxx\webseite\typo3-lokal\typo3_4.3.0\apache\bin\apache.exe |
"UDP Query User{61AE54F0-8A78-4F36-B31E-87D4B88BF45E}C:\users\xxx\webseite\typo3winstaller\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\users\xxx\webseite\typo3winstaller\apache\bin\apache.exe |
"UDP Query User{7199A69B-48F6-4E4A-A37B-64AB51BB082E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{73768EA9-5E4C-45EF-B09B-0BC9A89FB7D5}C:\users\xxx\webseite\typo3_452\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\users\xxx\webseite\typo3_452\apache\bin\apache.exe |
"UDP Query User{7819A74D-C702-4D88-8964-36FA01FF19E3}G:\typo3_4.2.3\apache\bin\apache.exe" = protocol=17 | dir=in | app=g:\typo3_4.2.3\apache\bin\apache.exe |
"UDP Query User{7F66A8C7-FD8B-4D67-9C11-0301F1FB2CB0}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{819F128A-690E-4E8D-B114-AC4C6A2A9585}F:\typo3_4.2.3\apache\bin\apache.exe" = protocol=17 | dir=in | app=f:\typo3_4.2.3\apache\bin\apache.exe |
"UDP Query User{8CF62D69-A4DF-4FF7-A454-8C4F711DED7C}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{90BE51B4-6E99-4FCF-B93F-61DF454C59B9}C:\users\xxx\webseite\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\users\xxx\webseite\xampp\apache\bin\httpd.exe |
"UDP Query User{9587EB1C-7711-4E74-9388-9525AE0995BC}C:\users\xxx\webseite\xampp\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\users\xxx\webseite\xampp\xampp\apache\bin\httpd.exe |
"UDP Query User{BCD2F9B4-5C9E-4060-ACA9-B21AFC945662}C:\users\xxx\webseite\xampp\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\xxx\webseite\xampp\xampp\mysql\bin\mysqld.exe |
"UDP Query User{C68B75B4-D4BB-4962-88B6-1FC955BA72AB}C:\users\xxx\webseite\typo3_4.5.0\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\users\xxx\webseite\typo3_4.5.0\apache\bin\apache.exe |
"UDP Query User{DCD1CE99-67C5-40C9-8AF6-978527C76D2B}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{DD886455-700A-4331-8AEB-35B9EFE97B56}C:\program files\ws_ftp\ws_ftp95.exe" = protocol=17 | dir=in | app=c:\program files\ws_ftp\ws_ftp95.exe |
"UDP Query User{DFC03062-885C-4AB4-93A9-DC84CF6DD445}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{E5AA6895-5CB5-45C8-9032-47FB8485E459}C:\users\xxx\webseite\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\xxx\webseite\xampp\mysql\bin\mysqld.exe |
"UDP Query User{F51870E9-BF8C-4D95-B4AD-A82E27D7CA5E}C:\users\xxx\webseite\wamp\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\users\xxx\webseite\wamp\apache\bin\apache.exe |
"UDP Query User{FA3F8D24-8C62-4265-8DD9-B6165805FC04}C:\users\xxx\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe" = protocol=17 | dir=in | app=c:\users\xxx\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe |
"UDP Query User{FEAB8FA6-CB56-4CDE-B4F3-C837F986A860}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0BC4864E-72C5-472D-8692-0E5971E0BD36}" = BPDSoftware_Ini
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{10829556-7C82-4a83-8C81-F2D98472C76B}" = H470
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12787065-3D5B-414e-B7A8-859E74785034}" = SF_CDC_Software
"{14BF164E-80A4-422E-BE43-39FB759666C2}_is1" = Avi to Mpeg 3.2
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2284D904-C138-4B58-93EC-5C362AB5130A}" = Die Sims™ Lebensgeschichten
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{244E1FF0-B8BE-4927-9268-0782C4079F56}" = 5400_Help
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 30
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1
"{39CEE1F2-12B6-4C50-9131-04BFCA110578}" = PowerCinema NE for Everio
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3D356AA9-2D0C-4373-A762-B42F1A289233}" = MSCU for Microsoft Vista
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
"{488EF5B2-F072-46a1-B088-BEC3F4151E30}" = 5400
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4D49757C-367A-4333-BDB3-68966162B14E}" = HP User Guides 0087
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5A15F754-086E-4185-96F4-0BC31F1A2382}" = HP Officejet H470 Series
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{621FCD24-4498-4324-A81E-07D331376EDF}" = PixiePack Codec Pack
"{6673E0F4-D376-431b-A6F4-18D1B86B4A89}" = BPDSoftware
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{68661EEA-28C4-4401-9D86-9AE17269560E}" = SF_CDC_ProductContext
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B349DE1-590D-4506-B272-9115EC31F7D2}" = 470_Help
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4
"{7EC19307-7C22-47A8-922B-3FA965291260}" = OpenOffice.org 3.0
"{807F38E5-ED2E-489A-BDD2-D502434E1550}" = Portable MP3 Player
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{83DD8CC8-522E-4B75-836F-8775FDA4B5AB}" = Hotel Gigant 2
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D6306BE-BF85-45E0-A629-411FA83F8A83}" = AudioJack 2
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BA6E8AF-2122-4825-9B55-98BC351E3C94}" = ESU for Microsoft Vista
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BA72A4E3-D2D0-4203-A17E-E53012B8807C}" = BPD_HPSU
"{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox Ver4.1
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}" = QuickTime
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{E022C318-BAC9-468D-8731-3C5EE63C7743}" = 470_Readme
"{E06C8E13-7A8C-434C-8548-34BC4762212D}" = Logitech Harmony Remote Software 7
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E088AC54-7379-4C8F-A8B6-D2381E5A1172}" = Manual CanoScan 3000,3000F
"{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EE5F0136-2C7C-42a7-B1B0-5F12D107A0EE}" = ProductContext
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FB79A6DF-44D2-40a6-9FFC-34BDEEBD980B}" = HP Deskjet Printer Driver Software 8.0.C
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Akamai" = Akamai NetSession Interface Service
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"CCleaner" = CCleaner (remove only)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"DivX Content Uploader" = DivX Content Uploader
"dm-Fotowelt" = dm-Fotowelt
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows-Treiberpaket - Nokia Modem (06/01/2009 4.1)
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"ElsterFormular für Privatanwender 12.1.1.6214p" = ElsterFormular für Privatanwender
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.3)
"FastStone Image Viewer" = FastStone Image Viewer 3.4
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Foxit Reader" = Foxit Reader
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}" = QuickTime
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{EF0D610C-92BE-4D8F-BD33-9F658F8754F1}" = GTI Racing
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"Mozilla Thunderbird (3.1)" = Mozilla Thunderbird (3.1)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.46a
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OCR-TextScan 2 Word 1" = OCR-TextScan 2 Word 1
"Picasa 3" = Picasa 3
"RealPlayer 12.0" = RealPlayer
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.4
"Streamripper" = Streamripper (Remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.0
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.10.2010 02:30:55 | Computer Name = xxx | Source = Windows Search Service | ID = 3013
Description =
Error - 29.10.2010 02:30:55 | Computer Name = xxx | Source = Windows Search Service | ID = 3013
Description =
Error - 29.10.2010 02:30:55 | Computer Name = xxx | Source = Windows Search Service | ID = 3013
Description =
Error - 29.10.2010 02:30:55 | Computer Name = xxx | Source = Windows Search Service | ID = 3013
Description =
Error - 29.10.2010 02:30:56 | Computer Name = xxx | Source = Windows Search Service | ID = 3013
Description =
Error - 29.10.2010 02:30:56 | Computer Name = xxx | Source = Windows Search Service | ID = 3013
Description =
Error - 29.10.2010 02:30:56 | Computer Name = xxx | Source = Windows Search Service | ID = 3013
Description =
Error - 29.10.2010 02:30:56 | Computer Name = xxx | Source = Windows Search Service | ID = 3013
Description =
Error - 29.10.2010 02:30:56 | Computer Name = xxx | Source = Windows Search Service | ID = 3013
Description =
Error - 29.10.2010 02:30:56 | Computer Name = xxx | Source = Windows Search Service | ID = 3013
Description =
[ System Events ]
Error - 24.06.2012 10:23:55 | Computer Name = xxx | Source = HTTP | ID = 15016
Description =
Error - 24.06.2012 10:25:12 | Computer Name = xxx | Source = Service Control Manager | ID = 7000
Description =
Error - 24.06.2012 10:25:12 | Computer Name = xxx | Source = Service Control Manager | ID = 7000
Description =
Error - 25.06.2012 07:44:32 | Computer Name = xxx | Source = HTTP | ID = 15016
Description =
Error - 25.06.2012 07:46:18 | Computer Name = xxx | Source = Service Control Manager | ID = 7000
Description =
Error - 25.06.2012 07:46:18 | Computer Name = xxx | Source = Service Control Manager | ID = 7000
Description =
Error - 25.06.2012 08:18:01 | Computer Name = xxx | Source = HTTP | ID = 15016
Description =
Error - 25.06.2012 08:19:29 | Computer Name = xxx | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.
Error - 25.06.2012 08:19:41 | Computer Name = xxx | Source = Service Control Manager | ID = 7000
Description =
Error - 25.06.2012 08:19:41 | Computer Name = xxx | Source = Service Control Manager | ID = 7000
Description =
< End of report >
--- --- ---
Ich habe ein 32bit Windows Vista System, konnte aber das programm gmer.exe nicht ausführen. Das Programm hat meinen Pc nach Sekunden zum Neustart gezwungen. |
