| blueheart007 | 08.07.2012 12:51 |
Windows Update Trojaner
ein Hallo an alle in der community. Habe immer noch ein Problem mit dem Verschlüsselungstrojaner. Mein Sohn hat sich den auf seinem rechner eingefangen, nachdem er eine zip-datei geöffnet hatte (irgend so ein minecraft-skin oder sowas):headbang: hab das vor zwei wochen schon entfernt, mit malware-bytes, ging auch prima, obwohl ich Depp mich nicht an die Anweisungen hier gehalten habe, sondern die Funde gleich hab löschen lassen. Dachte, damit sei es getan. Die Aufforderung zur zahlung kommt auch nicht mehr, habe dann mühsam mit Shadow-Explorer alle verschlüsselten Dateien wieder zurück kopiert. Ein paar Tage später sind alle dateien wieder verschlüsselt, es kommt zwar nicht die aufforderung, zu zahlen, man kann den rechner normal nutzen, nur die dateien sind wieder futsch. Hab jetzt malwarebytes nochmal drüber laufen lassen, der findet aber nix. lediglich avira hat angeschlagen und mir folgende Meldung gebracht: [FUND] Ist das Trojanische Pferd TR/Matsnu.EB.31 und hat diesen fund bereinigt. Was kann ich tun, damit ich die dateien dauerhaft wieder herstellen kann? MIt shadowexplorer geht es ja, nur bringt das nix, wenn ein paar tage später wieder alles verschlüsselt ist.
Danke schon mal für alle hilfreichen tipps im voraus.
Gruß Uwe
Hier jetzt die otl.txtOTL Logfile: Code:
OTL logfile created on: 08.07.2012 18:53:49 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Marc\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,56 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 66,65% Memory free
7,12 Gb Paging File | 5,88 Gb Available in Paging File | 82,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 161,94 Gb Free Space | 69,57% Space Free | Partition Type: NTFS
Computer Name: ADMIN-PC | User Name: Marc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.08 18:53:35 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe
PRC - [2012.07.08 18:51:54 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.06.27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012.05.21 16:30:24 | 000,935,480 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.02.10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.11.07 21:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
PRC - [2011.11.07 21:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
PRC - [2011.07.01 11:39:03 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.27 14:18:42 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.02 21:29:50 | 000,009,216 | ---- | M] (www.shadowexplorer.com) -- C:\Programme\ShadowExplorer\sesvc.exe
PRC - [2010.11.05 20:31:19 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.07.04 20:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Programme\Nero\Update\NASvc.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.12.09 14:44:20 | 000,713,032 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009.12.09 14:42:14 | 001,044,808 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
========== Modules (No Company Name) ==========
MOD - [2012.07.08 18:51:54 | 002,042,848 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.02.27 18:17:40 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2012.02.09 21:05:16 | 000,360,768 | ---- | M] () -- C:\Programme\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\ProgramData\IBUpdaterService\ibsvc.exe /SERVICE -- (IBUpdaterService)
SRV - [2012.07.08 18:51:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.21 16:30:24 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.11.07 21:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011.11.07 21:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011.07.01 11:39:03 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 14:18:42 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.02 21:29:50 | 000,009,216 | ---- | M] (www.shadowexplorer.com) [Auto | Running] -- C:\Programme\ShadowExplorer\sesvc.exe -- (sesvc)
SRV - [2010.07.04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.01.06 03:44:03 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.12.09 14:42:14 | 001,044,808 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.12.09 14:38:30 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.08.10 13:34:40 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.11.04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.04.07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\\SystemRoot\System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2012.05.21 04:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudobex.sys -- (ssudobex) SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.)
DRV - [2012.05.21 04:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2012.05.21 04:09:00 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.02.10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.01.17 14:45:56 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.11.10 19:32:00 | 000,095,304 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV - [2011.07.01 11:39:04 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.01 11:39:04 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.06.14 02:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.04.27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010.04.27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010.04.27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.10.14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007.10.25 19:31:08 | 000,616,064 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007.09.17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2003.11.14 10:38:32 | 000,183,680 | ---- | M] (D-Link. All Rights Reserved.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETDLWL.sys -- (NETDLWL) D-Link Air Wireless Adapter(DL)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=dpg&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={24D37CD6-7170-4586-B0FA-1D8C221395F2}&mid=f298667c21564c9593c0d71952b4a87f-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=dw011&pr=sa&d=2012-05-21 16:30:26&v=11.1.0.7&sap=hp
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=dpg&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=100346&babsrc=SP_ss&mntrId=008a1226000000000000001195290246
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={24D37CD6-7170-4586-B0FA-1D8C221395F2}&mid=f298667c21564c9593c0d71952b4a87f-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=dw011&pr=sa&d=2012-05-21 16:30:26&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Free Lunch Design Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1708250&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: avg@toolbar:11.1.0.7
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {C9B68337-E93A-44EA-94DC-CB300EC06444}:4.45.0
FF - prefs.js..extensions.enabledItems: webbooster@iminent.com:4.22.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.9.0.9216
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012.06.25 15:03:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.24 17:57:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.08 18:51:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.16 14:27:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.24 17:57:49 | 000,000,000 | ---D | M]
[2009.10.08 12:42:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\Extensions
[2012.07.08 18:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\1u47sd1b.default\extensions
[2011.01.16 13:22:19 | 000,000,000 | ---D | M] (Free Lunch Design Toolbar) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\1u47sd1b.default\extensions\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}
[2012.07.08 18:52:02 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\1u47sd1b.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.09.08 17:55:35 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\1u47sd1b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.02 21:58:17 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\1u47sd1b.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2010.08.17 20:27:17 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\1u47sd1b.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2011.11.29 15:22:55 | 000,002,270 | ---- | M] () -- C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\1u47sd1b.default\searchplugins\SearchTheWeb.xml
[2012.06.16 14:27:08 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.03.16 19:14:47 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.12.02 21:58:17 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com
[2011.12.02 21:58:17 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\WEBBOOSTER@IMINENT.COM
[2012.07.08 18:51:54 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.07.08 18:51:51 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.05.21 16:30:22 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.06.16 10:35:28 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.07.08 18:51:51 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.08 18:51:51 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.02.10 16:08:27 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.07.08 18:51:51 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.10 12:21:02 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2012.07.08 18:51:51 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.08 18:51:51 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.02.17 17:23:16 | 000,000,852 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [wyat.exe] C:\Users\Marc\AppData\Roaming\Yqwez\wyat.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: =
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Marc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFA3E22A-FDCD-4A04-A6F4-91DDB2A5C842}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2e2ea98a-c146-11de-82d5-001195290246}\Shell - "" = AutoRun
O33 - MountPoints2\{2e2ea98a-c146-11de-82d5-001195290246}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{2e2ea9c4-c146-11de-82d5-001195290246}\Shell - "" = AutoRun
O33 - MountPoints2\{2e2ea9c4-c146-11de-82d5-001195290246}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.08 18:53:31 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe
[2012.07.08 18:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.07.08 18:49:53 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012.07.08 14:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012.07.08 14:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012.07.08 13:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.08 13:21:00 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.08 13:20:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.25 15:07:15 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Malwarebytes
[2012.06.25 14:54:21 | 000,000,000 | ---D | C] -- C:\Users\Marc\Lllliii
[2012.06.24 18:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012.06.24 18:14:37 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\HP
[2012.06.24 18:04:52 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\HP
[2012.06.24 17:56:55 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012.06.24 17:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012.06.24 17:55:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2012.06.24 17:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2012.06.24 17:55:21 | 000,000,000 | ---D | C] -- C:\Windows\hpoj4500g510n-z
[2012.06.24 17:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012.06.24 17:53:54 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012.06.24 15:23:37 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\.techniclauncher
[2012.06.23 17:56:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer
[2012.06.23 17:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\ShadowExplorer
[2012.06.23 17:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.22 13:12:50 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Aavvvveeee
[2012.06.16 14:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.16 14:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.06.16 13:20:22 | 000,000,000 | ---D | C] -- C:\Users\Marc\Documents\My Videos
[2012.06.16 13:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2012.06.16 13:18:00 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec
[2012.06.16 13:11:09 | 000,000,000 | ---D | C] -- C:\Users\Marc\Documents\SelfMV
[2012.06.16 12:14:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NortonPCCheckup
[2012.06.16 12:14:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NortonPCCheckup\0200110.014
[2012.06.16 12:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PC Checkup
[2012.06.16 12:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Norton PC Checkup
[2012.06.16 12:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012.06.16 12:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012.06.16 12:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012.06.16 11:27:55 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\Samsung
[2012.06.16 11:27:49 | 000,000,000 | ---D | C] -- C:\Users\Marc\Documents\samsung
[2012.06.16 11:25:59 | 000,181,432 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudobex.sys
[2012.06.16 11:25:59 | 000,181,432 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012.06.16 11:25:59 | 000,080,824 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2012.06.16 11:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012.06.16 11:24:45 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2012.06.16 11:24:36 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2012.06.16 11:05:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.06.16 11:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverBoost
[2012.06.16 10:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012.06.16 10:34:37 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\Babylon
[2012.06.16 10:34:36 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Babylon
[2012.06.16 10:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.06.16 10:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2006.11.20 10:01:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\AMCap.exe
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.08 18:53:35 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe
[2012.07.08 18:49:54 | 000,000,896 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012.07.08 18:49:30 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.08 18:49:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.08 18:49:08 | 2868,191,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.08 18:48:04 | 000,000,020 | ---- | M] () -- C:\Users\Marc\defogger_reenable
[2012.07.08 18:47:06 | 000,050,477 | ---- | M] () -- C:\Users\Marc\Desktop\Defogger.exe
[2012.07.08 18:16:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.08 13:26:38 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.08 13:26:38 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.08 13:21:01 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.08 13:12:25 | 000,001,309 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012.06.24 18:14:40 | 000,002,164 | ---- | M] () -- C:\ProgramData\xxoooEfffVjjjAttss
[2012.06.24 18:14:39 | 000,241,192 | ---- | M] () -- C:\Windows\hpwins28.dat
[2012.06.24 18:10:26 | 000,339,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.24 17:56:21 | 000,002,069 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012.06.24 14:48:38 | 000,052,736 | ---- | M] () -- C:\Users\Marc\Desktop\OODDDDQQQQTTTarrrNsss
[2012.06.23 20:11:45 | 000,946,352 | ---- | M] () -- C:\Users\Marc\Desktop\pXXgggglDDDuuuuaT
[2012.06.23 20:08:12 | 000,002,675 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office Outlook 2007.lnk
[2012.06.20 13:41:05 | 000,657,438 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.20 13:41:05 | 000,618,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.20 13:41:05 | 000,130,810 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.20 13:41:05 | 000,107,034 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.16 11:29:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2012.06.16 11:27:43 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012.06.16 10:35:32 | 000,000,474 | ---- | M] () -- C:\XpXOgOgesesJvvJa
[2012.06.12 16:15:54 | 000,001,608 | ---- | M] () -- C:\Users\Marc\Desktop\TaTrNNNseesJJJJXX
[2012.06.10 12:56:21 | 000,690,289 | ---- | M] () -- C:\Users\Marc\Desktop\VEEEEttttAAjjU
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.08 18:49:54 | 000,000,896 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012.07.08 18:47:17 | 000,000,020 | ---- | C] () -- C:\Users\Marc\defogger_reenable
[2012.07.08 18:47:05 | 000,050,477 | ---- | C] () -- C:\Users\Marc\Desktop\Defogger.exe
[2012.07.08 13:21:01 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.24 18:12:47 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp
[2012.06.24 17:57:12 | 000,001,030 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
[2012.06.24 17:56:51 | 000,001,309 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012.06.24 17:56:21 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012.06.24 17:54:10 | 000,241,192 | ---- | C] () -- C:\Windows\hpwins28.dat
[2012.06.24 17:54:10 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat
[2012.06.23 20:08:12 | 000,002,675 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office Outlook 2007.lnk
[2012.06.16 14:27:06 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.06.16 12:14:17 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NortonPCCheckup\0200110.014\isolate.ini
[2012.06.16 11:29:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2012.06.16 11:27:43 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012.05.23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.05.23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.05.23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.05.23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.05.23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.05.21 16:29:37 | 000,723,294 | ---- | C] () -- C:\Windows\unins000.exe
[2012.05.21 16:29:37 | 000,106,879 | ---- | C] () -- C:\Windows\unins000.dat
[2012.05.12 21:01:50 | 000,074,752 | ---- | C] () -- C:\Windows\System32\CLEyeDevices.dll
[2012.05.05 20:35:04 | 000,004,608 | ---- | C] () -- C:\Users\Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.23 19:16:31 | 002,497,985 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012.02.09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.10.01 09:25:24 | 000,138,056 | ---- | C] () -- C:\Users\Marc\AppData\Roaming\PnkBstrK.sys
[2010.07.11 10:34:33 | 000,117,536 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[1601.02.13 10:28:18 | 012,824,576 | ---- | C] () -- C:\ProgramData\UdddooooxxxxAjjjfff
[1601.02.13 10:28:18 | 000,002,164 | ---- | C] () -- C:\ProgramData\xxoooEfffVjjjAttss
[1601.02.13 10:28:18 | 000,001,456 | ---- | C] () -- C:\Users\Marc\oEEVfffAjjjtttsnnnn
[1601.02.13 10:28:18 | 000,001,326 | ---- | C] () -- C:\Users\Marc\UnnnnttttjjjAV
========== LOP Check ==========
[2012.06.23 21:38:34 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\.minecraft
[2012.06.25 15:01:05 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\.techniclauncher
[2012.06.23 20:00:59 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Aavvvveeee
[2009.10.25 12:05:17 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Ace
[2012.06.16 10:34:36 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Babylon
[2012.05.21 15:49:09 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\DAEMON Tools Lite
[2011.11.08 17:55:24 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\DVDVideoSoft
[2011.11.08 17:49:17 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.01.23 16:46:18 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\EAC
[2012.03.24 15:46:10 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\gtk-2.0
[2010.09.08 17:53:57 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\IObit
[2012.03.08 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\LOVE
[2010.03.21 15:09:12 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\ML
[2012.03.19 20:24:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Nav
[2011.03.02 16:28:07 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\OpenCandy
[2012.03.23 20:26:16 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Paeh
[2010.03.21 14:52:32 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\PC Suite
[2012.01.15 13:41:36 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\pymclevel
[2012.06.16 11:27:50 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Samsung
[2012.04.03 15:07:01 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\TeamViewer
[2012.06.16 13:39:16 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Temp
[2012.05.28 23:41:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\TS3Client
[2012.04.22 20:03:15 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\ts3overlay
[2010.01.06 11:00:01 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\TuneUp Software
[2012.06.20 13:46:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Usol
[2010.07.10 11:00:52 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\uTorrent
[2009.12.26 20:01:47 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\VOWSoft
[2012.07.08 13:24:13 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Yqwez
[2012.04.16 17:16:29 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
--- --- ---
und die extras.txt:OTL Logfile: Code:
OTL Extras logfile created on: 08.07.2012 18:53:49 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Marc\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,56 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 66,65% Memory free
7,12 Gb Paging File | 5,88 Gb Available in Paging File | 82,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 161,94 Gb Free Space | 69,57% Space Free | Partition Type: NTFS
Computer Name: ADMIN-PC | User Name: Marc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02CAC1F2-6BDC-4442-81D8-39A559866D27}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{052A3DCD-D595-4ADB-8A99-A74F644F74D8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D876DBE-3004-48CF-9735-304D95FF07FB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{114EB8E1-973C-4D97-BD18-27AAE3DF3237}" = lport=138 | protocol=17 | dir=in | app=system |
"{28209765-CA1D-4C01-B6CE-BF7E0D4C3860}" = lport=10243 | protocol=6 | dir=in | app=system |
"{36296F85-F860-4704-B154-CEB004EB2F14}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{3AB5B97B-FF53-48D5-8834-526F2EB103B6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46D9D26B-A36F-4FC2-9565-5E4B16E18634}" = lport=2869 | protocol=6 | dir=in | app=system |
"{54E8FD00-7008-47EB-9C9B-6CDE0EAA8122}" = rport=137 | protocol=17 | dir=out | app=system |
"{5882A000-EF51-45BD-B013-7C31D8DB7503}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5B818502-9145-4E17-9C7B-0FA3BD2CE017}" = lport=137 | protocol=17 | dir=in | app=system |
"{660ADB5D-F6EB-468B-8C78-7EF534945204}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6843EE47-F130-49D4-BBBF-4BE74565C00E}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{6F0276BB-FF51-47A9-A2F2-95FAEA5B7553}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{7B584832-A4D2-4E95-88BD-F358F8C9CFB9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7DDE0B88-F3BC-4881-B4CB-4A86DA407CC8}" = lport=445 | protocol=6 | dir=in | app=system |
"{7F7432EA-D4B4-4FCE-B195-7796F2441631}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{85251080-AD27-48DB-9D61-F2027B5F02B1}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\rpcagentsrv.exe |
"{967288A7-DD50-44A7-A0DD-2AAC54092DC8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4D64974-6BDD-4571-BFAF-EE26854FD1AB}" = rport=138 | protocol=17 | dir=out | app=system |
"{B8A16771-965F-4B82-B384-AE45BD38E19A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{BEA71CB9-E99D-4FB8-B16F-12C4459F6BD3}" = rport=139 | protocol=6 | dir=out | app=system |
"{C240DDC9-D8EB-4221-8B4D-8DC297DD2EAF}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{C8D2E36B-7406-45BD-B0F6-31C6824F3694}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C9CDBFFC-9E12-4EFD-A3D1-88D9383E4632}" = lport=139 | protocol=6 | dir=in | app=system |
"{D96D9569-3FDD-46BE-802A-0666DC179B15}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF8E6B6C-2C28-432A-BD14-17CC59A4E5EF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E4B64D37-6D64-4746-BD94-D88EC3D0572C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E5B04D39-9F0F-4F95-B2C2-BFE47B8CEA46}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EBFD80AC-FE39-4C8E-A86B-6EF9B3630DCE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F3C1DAEE-4041-4485-90ED-F9FADCA5DD63}" = rport=445 | protocol=6 | dir=out | app=system |
"{FCB716A4-C63C-4DC7-978F-44587ED02892}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{005D8611-0A3E-4863-8CAB-E56FDEE62935}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{016F7AD2-D993-4EF5-A955-729585D2CD15}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{04A7FB85-8B16-4769-93CE-20C61BEE7EEB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0628A924-182C-4CEE-956C-9C521E6796C9}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{081E05F7-9E80-48B8-9601-2A45DD7440A0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{0877954B-AB37-4469-9638-E98A8A79BF15}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A7AF1D2-EBE5-4BCB-98E5-F4C5BEF9DFF2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0C34975E-1C00-4D9E-B7FD-A7213067E3DA}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{0D3785A2-4B1B-479B-BAF1-62D6C0265A23}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{19CFEF43-CA16-4572-B87B-7A61968FD722}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1C440BDA-AC23-4086-9771-76B2DD14E1A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1DDC602B-A678-4A02-8EEB-27F2163CDE77}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{2450ECE2-D7BF-461C-AD16-7B2ADC7A7ECC}" = dir=in | app=c:\users\marc\appdata\roaming\caizwu\omquuv.exe |
"{27B40E8C-941D-444B-9BF0-FAFD0ABF64BB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2FCF5E70-A2D8-4D91-B980-66C0E61DC73F}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{3022927B-B3C1-4770-851D-32DD448C3D86}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{349D5E97-86F2-4579-B893-D40B1A292F31}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{34B71966-2466-4DF6-8D57-F6C2260B0E73}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3D01B98D-6F7F-465D-AED3-00797A71CB01}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4135BAD7-3982-4AE5-8655-B9B8FD07B9BC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4B8E0D77-1431-4C74-B3B4-C5AFEF789AA8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{533E0691-6A67-44E2-B67A-AD43E0F654BB}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{58FBC19C-42B3-493C-95E8-92DAACD4CB3E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{594B5D62-2060-4C79-8F4B-7E6C49ED78C3}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{59F4633A-6EF7-4CE0-9960-AD7BB1211512}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5A537822-0542-4D2A-BF35-96BDF9DEFB43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B4A945D-B983-434C-B1A8-12D474691266}" = dir=in | app=c:\users\marc\appdata\roaming\ukt\kaocyp.exe |
"{61689875-4EB9-4CD3-BD64-E942E7646EA8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66CE61D9-CBA1-46D7-B423-4F820A53598A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7385F193-68E2-4794-83CC-BE6DB5101F81}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73FBC5A1-657F-4522-A995-979F413B8A3E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7BF56B93-DA53-48A9-A5AE-51BE5A6E367B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7D0CFE66-89E2-4CDF-B5A6-A6BB7D511E3E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D84475D-F2B9-4F20-8285-DCC4BC0EB970}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{7EB7552C-7B7E-4647-9C41-F2CB89AD48BE}" = dir=in | app=c:\users\marc\appdata\local\temp\hp\oj4500vg510n-z_full_13\setup\hpznui01.exe |
"{89C1F0CD-0C78-44B1-8B63-0B13FDC6C3B8}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8B2BF136-A5CB-4CC9-8750-3D24C627B7C9}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\rpcagentsrv.exe |
"{8FB2FE86-C42D-4C63-AEA8-488F13F4BFCB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{97640F88-2FB1-4899-88D6-229139A2C094}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{9B67495A-49B4-44D3-B33E-568AC6A14900}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A123AF15-F53E-40C4-B571-5194473B6B5A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A19C9B7C-5389-42D0-8AD3-D61B1E02B657}" = protocol=6 | dir=out | app=system |
"{A2083CC7-9881-4E22-A700-37B696915F2F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A54F46DB-DD42-4FBA-B376-9FE4965DDDFE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFCECB70-B939-4470-B5EA-F64B6F770D2E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B131EEE0-7B04-4316-843C-8922C2665DAD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B21FC084-7DCC-4ACF-9671-5EFFB951C0E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B9EEEF83-3B7E-4666-8DB4-2C78773F9386}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BDDC63CC-FDB9-4067-97BF-620080020D1F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C011A033-F2CD-4A49-B8DC-22FADBFF2BB3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C41464D4-A3FE-40C2-8E8E-CE6FC2139BED}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1D792CC-4D24-4D93-82E4-45AAC1B2BC44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D407789A-1A14-4851-AFCF-F17B9ACBFC83}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5AC5A0C-D652-495C-8D8D-7677016E87B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D6F5C5EE-5E57-47C6-A5D9-7D2A08135D55}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D7C90040-9627-4838-AB44-152444302AF0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D9A2FF27-6CCA-4429-A5CA-11325735B7D3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E2FD37C4-BE3A-408F-9D25-D334C7D68419}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{E3E4AAE2-838A-41CE-8EBE-66CD35F7AA56}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7CAF1DB-411C-41C2-A54C-1230B478F41C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EF867302-F88F-4640-8FBA-06A7CEC36594}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F29B71ED-460F-4AB8-9485-A5EA81F2D568}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2B21985-158B-4A0F-9986-0E27812F8A82}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F84EEAD8-F85F-496D-91F0-09D6171752EB}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"TCP Query User{19AAD408-A4FC-435F-96BF-081D02D24D8B}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{4262856C-8EBA-4375-A845-6852341C305D}C:\program files\phenomedia\moorhuhn total 5\moorhuhn kart 3\moorhuhn_kart3.exe" = protocol=6 | dir=in | app=c:\program files\phenomedia\moorhuhn total 5\moorhuhn kart 3\moorhuhn_kart3.exe |
"TCP Query User{AFE500CB-840B-4C5F-8F0B-58F5ECAB29BC}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe |
"TCP Query User{BF14DF89-4AEC-42B4-8424-CC3EE4381AEB}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{D6F1AE32-0570-477C-B9ED-DA67FAF6D816}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe |
"TCP Query User{DE8232E4-A934-47A6-970E-9369150ACB27}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F15EA9AD-C100-4399-B8B9-63D1CA00AA5F}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{074A5CAA-717D-4298-B243-5C6A389F7DAC}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{2010D67B-1438-4413-A404-0A50994ECBC9}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{80ED73C8-3CBC-4737-B3CE-F879E0E281E4}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe |
"UDP Query User{917EF290-2C5B-43F1-81BE-CA3038C730B9}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe |
"UDP Query User{97FDA563-FFAD-4587-98CF-AA055140ED64}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{EBF5095B-1C54-4EFD-9970-F0248D1AD53A}C:\program files\phenomedia\moorhuhn total 5\moorhuhn kart 3\moorhuhn_kart3.exe" = protocol=17 | dir=in | app=c:\program files\phenomedia\moorhuhn total 5\moorhuhn kart 3\moorhuhn_kart3.exe |
"UDP Query User{FA164B0E-4FDD-41A3-AEE3-23A1B90E4715}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1943A043-5C85-4A16-A0D0-D687B2C1A40F}" = VirtualCom driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 20
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 vibration driver version 0.100
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7184F382-8A6C-4B85-A3AC-B63734B1E241}" = SAMSUNG Mobile USB Driver
"{739126B3-1B80-4F9F-8D59-312A19633E1A}_is1" = Moozy
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2010.SP2
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = PC Camera
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG Secure Search" = AVG Security Toolbar
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"CCleaner" = CCleaner
"CL-Eye Driver" = CL-Eye Driver
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fraps" = Fraps
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"ImgBurn" = ImgBurn
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = PC Camera
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"iPod to Computer Transfer" = iPod to Computer Transfer 4.8.3
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NortonPCCheckup" = Norton PC Checkup
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"OpenAL" = OpenAL
"PokerStars" = PokerStars
"PSP Games Classics_is1" = PSP Games Classics
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Samsung Mobile USB Modem Device" = Samsung Mobile USB Modem Device Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"ShadowExplorer_is1" = ShadowExplorer 0.8
"Shop for HP Supplies" = Shop for HP Supplies
"TuneUp Utilities" = TuneUp Utilities
"TVWiz" = Intel(R) TV Wizard
"uTorrent" = µTorrent
"WinGimp-2.0_is1" = GIMP 2.6.12
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.06.2012 08:54:28 | Computer Name = Admin-PC | Source = VSS | ID = 8194
Description =
Error - 25.06.2012 09:02:28 | Computer Name = Admin-PC | Source = Application Hang | ID = 1002
Description = Programm java.exe, Version 6.0.200.2 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 16cc Startzeit:
01cd52d293e6722d Endzeit: 113 Anwendungspfad: C:\Program Files\Java\jre6\bin\java.exe
Berichts-ID:
01aed14c-bec6-11e1-92ac-001195290246
Error - 25.06.2012 09:03:23 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ntvdm.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc158 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000ffff ID des fehlerhaften
Prozesses: 0x10f8 Startzeit der fehlerhaften Anwendung: 0x01cd52d2e5164210 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\ntvdm.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 245ce38a-bec6-11e1-92ac-001195290246
Error - 08.07.2012 07:15:18 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mbam.exe, Version: 1.60.0.80, Zeitstempel:
0x4f6b9931 Name des fehlerhaften Moduls: OLEAUT32.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdaca Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001609c ID des fehlerhaften
Prozesses: 0x16f8 Startzeit der fehlerhaften Anwendung: 0x01cd5cfacff71956 Pfad der
fehlerhaften Anwendung: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\OLEAUT32.dll Berichtskennung: 32af0e7a-c8ee-11e1-9681-001195290246
Error - 08.07.2012 07:15:57 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mbam.exe, Version: 1.60.0.80, Zeitstempel:
0x4f6b9931 Name des fehlerhaften Moduls: OLEAUT32.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdaca Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001609c ID des fehlerhaften
Prozesses: 0x1298 Startzeit der fehlerhaften Anwendung: 0x01cd5cfb0adc043c Pfad der
fehlerhaften Anwendung: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\OLEAUT32.dll Berichtskennung: 4a059259-c8ee-11e1-9681-001195290246
Error - 08.07.2012 07:16:18 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mbam.exe, Version: 1.60.0.80, Zeitstempel:
0x4f6b9931 Name des fehlerhaften Moduls: OLEAUT32.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdaca Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001609c ID des fehlerhaften
Prozesses: 0x17f0 Startzeit der fehlerhaften Anwendung: 0x01cd5cfb0e860979 Pfad der
fehlerhaften Anwendung: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\OLEAUT32.dll Berichtskennung: 56494962-c8ee-11e1-9681-001195290246
[ System Events ]
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = PNRPSvc | ID = 102
Description =
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = PNRPSvc | ID = 102
Description =
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
< End of report >
--- --- ---
Hier jetzt die gmer.txtOTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 08.07.2012 18:53:49 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Marc\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,56 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 66,65% Memory free
7,12 Gb Paging File | 5,88 Gb Available in Paging File | 82,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 161,94 Gb Free Space | 69,57% Space Free | Partition Type: NTFS
Computer Name: ADMIN-PC | User Name: Marc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02CAC1F2-6BDC-4442-81D8-39A559866D27}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{052A3DCD-D595-4ADB-8A99-A74F644F74D8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D876DBE-3004-48CF-9735-304D95FF07FB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{114EB8E1-973C-4D97-BD18-27AAE3DF3237}" = lport=138 | protocol=17 | dir=in | app=system |
"{28209765-CA1D-4C01-B6CE-BF7E0D4C3860}" = lport=10243 | protocol=6 | dir=in | app=system |
"{36296F85-F860-4704-B154-CEB004EB2F14}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{3AB5B97B-FF53-48D5-8834-526F2EB103B6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46D9D26B-A36F-4FC2-9565-5E4B16E18634}" = lport=2869 | protocol=6 | dir=in | app=system |
"{54E8FD00-7008-47EB-9C9B-6CDE0EAA8122}" = rport=137 | protocol=17 | dir=out | app=system |
"{5882A000-EF51-45BD-B013-7C31D8DB7503}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5B818502-9145-4E17-9C7B-0FA3BD2CE017}" = lport=137 | protocol=17 | dir=in | app=system |
"{660ADB5D-F6EB-468B-8C78-7EF534945204}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6843EE47-F130-49D4-BBBF-4BE74565C00E}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{6F0276BB-FF51-47A9-A2F2-95FAEA5B7553}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{7B584832-A4D2-4E95-88BD-F358F8C9CFB9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7DDE0B88-F3BC-4881-B4CB-4A86DA407CC8}" = lport=445 | protocol=6 | dir=in | app=system |
"{7F7432EA-D4B4-4FCE-B195-7796F2441631}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{85251080-AD27-48DB-9D61-F2027B5F02B1}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\rpcagentsrv.exe |
"{967288A7-DD50-44A7-A0DD-2AAC54092DC8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4D64974-6BDD-4571-BFAF-EE26854FD1AB}" = rport=138 | protocol=17 | dir=out | app=system |
"{B8A16771-965F-4B82-B384-AE45BD38E19A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{BEA71CB9-E99D-4FB8-B16F-12C4459F6BD3}" = rport=139 | protocol=6 | dir=out | app=system |
"{C240DDC9-D8EB-4221-8B4D-8DC297DD2EAF}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{C8D2E36B-7406-45BD-B0F6-31C6824F3694}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C9CDBFFC-9E12-4EFD-A3D1-88D9383E4632}" = lport=139 | protocol=6 | dir=in | app=system |
"{D96D9569-3FDD-46BE-802A-0666DC179B15}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF8E6B6C-2C28-432A-BD14-17CC59A4E5EF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E4B64D37-6D64-4746-BD94-D88EC3D0572C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E5B04D39-9F0F-4F95-B2C2-BFE47B8CEA46}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EBFD80AC-FE39-4C8E-A86B-6EF9B3630DCE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F3C1DAEE-4041-4485-90ED-F9FADCA5DD63}" = rport=445 | protocol=6 | dir=out | app=system |
"{FCB716A4-C63C-4DC7-978F-44587ED02892}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{005D8611-0A3E-4863-8CAB-E56FDEE62935}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{016F7AD2-D993-4EF5-A955-729585D2CD15}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{04A7FB85-8B16-4769-93CE-20C61BEE7EEB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0628A924-182C-4CEE-956C-9C521E6796C9}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{081E05F7-9E80-48B8-9601-2A45DD7440A0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{0877954B-AB37-4469-9638-E98A8A79BF15}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A7AF1D2-EBE5-4BCB-98E5-F4C5BEF9DFF2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0C34975E-1C00-4D9E-B7FD-A7213067E3DA}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{0D3785A2-4B1B-479B-BAF1-62D6C0265A23}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{19CFEF43-CA16-4572-B87B-7A61968FD722}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1C440BDA-AC23-4086-9771-76B2DD14E1A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1DDC602B-A678-4A02-8EEB-27F2163CDE77}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{2450ECE2-D7BF-461C-AD16-7B2ADC7A7ECC}" = dir=in | app=c:\users\marc\appdata\roaming\caizwu\omquuv.exe |
"{27B40E8C-941D-444B-9BF0-FAFD0ABF64BB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2FCF5E70-A2D8-4D91-B980-66C0E61DC73F}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{3022927B-B3C1-4770-851D-32DD448C3D86}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{349D5E97-86F2-4579-B893-D40B1A292F31}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{34B71966-2466-4DF6-8D57-F6C2260B0E73}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3D01B98D-6F7F-465D-AED3-00797A71CB01}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4135BAD7-3982-4AE5-8655-B9B8FD07B9BC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4B8E0D77-1431-4C74-B3B4-C5AFEF789AA8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{533E0691-6A67-44E2-B67A-AD43E0F654BB}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x86\rpcsandrasrv.exe |
"{58FBC19C-42B3-493C-95E8-92DAACD4CB3E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{594B5D62-2060-4C79-8F4B-7E6C49ED78C3}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{59F4633A-6EF7-4CE0-9960-AD7BB1211512}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5A537822-0542-4D2A-BF35-96BDF9DEFB43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B4A945D-B983-434C-B1A8-12D474691266}" = dir=in | app=c:\users\marc\appdata\roaming\ukt\kaocyp.exe |
"{61689875-4EB9-4CD3-BD64-E942E7646EA8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66CE61D9-CBA1-46D7-B423-4F820A53598A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7385F193-68E2-4794-83CC-BE6DB5101F81}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73FBC5A1-657F-4522-A995-979F413B8A3E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7BF56B93-DA53-48A9-A5AE-51BE5A6E367B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7D0CFE66-89E2-4CDF-B5A6-A6BB7D511E3E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D84475D-F2B9-4F20-8285-DCC4BC0EB970}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{7EB7552C-7B7E-4647-9C41-F2CB89AD48BE}" = dir=in | app=c:\users\marc\appdata\local\temp\hp\oj4500vg510n-z_full_13\setup\hpznui01.exe |
"{89C1F0CD-0C78-44B1-8B63-0B13FDC6C3B8}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8B2BF136-A5CB-4CC9-8750-3D24C627B7C9}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\rpcagentsrv.exe |
"{8FB2FE86-C42D-4C63-AEA8-488F13F4BFCB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{97640F88-2FB1-4899-88D6-229139A2C094}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{9B67495A-49B4-44D3-B33E-568AC6A14900}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A123AF15-F53E-40C4-B571-5194473B6B5A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A19C9B7C-5389-42D0-8AD3-D61B1E02B657}" = protocol=6 | dir=out | app=system |
"{A2083CC7-9881-4E22-A700-37B696915F2F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A54F46DB-DD42-4FBA-B376-9FE4965DDDFE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFCECB70-B939-4470-B5EA-F64B6F770D2E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B131EEE0-7B04-4316-843C-8922C2665DAD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B21FC084-7DCC-4ACF-9671-5EFFB951C0E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B9EEEF83-3B7E-4666-8DB4-2C78773F9386}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BDDC63CC-FDB9-4067-97BF-620080020D1F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C011A033-F2CD-4A49-B8DC-22FADBFF2BB3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C41464D4-A3FE-40C2-8E8E-CE6FC2139BED}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1D792CC-4D24-4D93-82E4-45AAC1B2BC44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D407789A-1A14-4851-AFCF-F17B9ACBFC83}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5AC5A0C-D652-495C-8D8D-7677016E87B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D6F5C5EE-5E57-47C6-A5D9-7D2A08135D55}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D7C90040-9627-4838-AB44-152444302AF0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D9A2FF27-6CCA-4429-A5CA-11325735B7D3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E2FD37C4-BE3A-408F-9D25-D334C7D68419}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{E3E4AAE2-838A-41CE-8EBE-66CD35F7AA56}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7CAF1DB-411C-41C2-A54C-1230B478F41C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EF867302-F88F-4640-8FBA-06A7CEC36594}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F29B71ED-460F-4AB8-9485-A5EA81F2D568}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2B21985-158B-4A0F-9986-0E27812F8A82}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F84EEAD8-F85F-496D-91F0-09D6171752EB}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"TCP Query User{19AAD408-A4FC-435F-96BF-081D02D24D8B}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{4262856C-8EBA-4375-A845-6852341C305D}C:\program files\phenomedia\moorhuhn total 5\moorhuhn kart 3\moorhuhn_kart3.exe" = protocol=6 | dir=in | app=c:\program files\phenomedia\moorhuhn total 5\moorhuhn kart 3\moorhuhn_kart3.exe |
"TCP Query User{AFE500CB-840B-4C5F-8F0B-58F5ECAB29BC}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe |
"TCP Query User{BF14DF89-4AEC-42B4-8424-CC3EE4381AEB}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{D6F1AE32-0570-477C-B9ED-DA67FAF6D816}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe |
"TCP Query User{DE8232E4-A934-47A6-970E-9369150ACB27}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F15EA9AD-C100-4399-B8B9-63D1CA00AA5F}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{074A5CAA-717D-4298-B243-5C6A389F7DAC}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{2010D67B-1438-4413-A404-0A50994ECBC9}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{80ED73C8-3CBC-4737-B3CE-F879E0E281E4}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe |
"UDP Query User{917EF290-2C5B-43F1-81BE-CA3038C730B9}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe |
"UDP Query User{97FDA563-FFAD-4587-98CF-AA055140ED64}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{EBF5095B-1C54-4EFD-9970-F0248D1AD53A}C:\program files\phenomedia\moorhuhn total 5\moorhuhn kart 3\moorhuhn_kart3.exe" = protocol=17 | dir=in | app=c:\program files\phenomedia\moorhuhn total 5\moorhuhn kart 3\moorhuhn_kart3.exe |
"UDP Query User{FA164B0E-4FDD-41A3-AEE3-23A1B90E4715}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1943A043-5C85-4A16-A0D0-D687B2C1A40F}" = VirtualCom driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 20
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 vibration driver version 0.100
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7184F382-8A6C-4B85-A3AC-B63734B1E241}" = SAMSUNG Mobile USB Driver
"{739126B3-1B80-4F9F-8D59-312A19633E1A}_is1" = Moozy
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2010.SP2
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = PC Camera
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG Secure Search" = AVG Security Toolbar
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"CCleaner" = CCleaner
"CL-Eye Driver" = CL-Eye Driver
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fraps" = Fraps
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"ImgBurn" = ImgBurn
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = PC Camera
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"iPod to Computer Transfer" = iPod to Computer Transfer 4.8.3
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NortonPCCheckup" = Norton PC Checkup
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"OpenAL" = OpenAL
"PokerStars" = PokerStars
"PSP Games Classics_is1" = PSP Games Classics
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Samsung Mobile USB Modem Device" = Samsung Mobile USB Modem Device Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"ShadowExplorer_is1" = ShadowExplorer 0.8
"Shop for HP Supplies" = Shop for HP Supplies
"TuneUp Utilities" = TuneUp Utilities
"TVWiz" = Intel(R) TV Wizard
"uTorrent" = µTorrent
"WinGimp-2.0_is1" = GIMP 2.6.12
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.06.2012 08:54:28 | Computer Name = Admin-PC | Source = VSS | ID = 8194
Description =
Error - 25.06.2012 09:02:28 | Computer Name = Admin-PC | Source = Application Hang | ID = 1002
Description = Programm java.exe, Version 6.0.200.2 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 16cc Startzeit:
01cd52d293e6722d Endzeit: 113 Anwendungspfad: C:\Program Files\Java\jre6\bin\java.exe
Berichts-ID:
01aed14c-bec6-11e1-92ac-001195290246
Error - 25.06.2012 09:03:23 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ntvdm.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc158 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000ffff ID des fehlerhaften
Prozesses: 0x10f8 Startzeit der fehlerhaften Anwendung: 0x01cd52d2e5164210 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\ntvdm.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 245ce38a-bec6-11e1-92ac-001195290246
Error - 08.07.2012 07:15:18 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mbam.exe, Version: 1.60.0.80, Zeitstempel:
0x4f6b9931 Name des fehlerhaften Moduls: OLEAUT32.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdaca Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001609c ID des fehlerhaften
Prozesses: 0x16f8 Startzeit der fehlerhaften Anwendung: 0x01cd5cfacff71956 Pfad der
fehlerhaften Anwendung: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\OLEAUT32.dll Berichtskennung: 32af0e7a-c8ee-11e1-9681-001195290246
Error - 08.07.2012 07:15:57 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mbam.exe, Version: 1.60.0.80, Zeitstempel:
0x4f6b9931 Name des fehlerhaften Moduls: OLEAUT32.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdaca Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001609c ID des fehlerhaften
Prozesses: 0x1298 Startzeit der fehlerhaften Anwendung: 0x01cd5cfb0adc043c Pfad der
fehlerhaften Anwendung: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\OLEAUT32.dll Berichtskennung: 4a059259-c8ee-11e1-9681-001195290246
Error - 08.07.2012 07:16:18 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mbam.exe, Version: 1.60.0.80, Zeitstempel:
0x4f6b9931 Name des fehlerhaften Moduls: OLEAUT32.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdaca Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001609c ID des fehlerhaften
Prozesses: 0x17f0 Startzeit der fehlerhaften Anwendung: 0x01cd5cfb0e860979 Pfad der
fehlerhaften Anwendung: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\OLEAUT32.dll Berichtskennung: 56494962-c8ee-11e1-9681-001195290246
[ System Events ]
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = PNRPSvc | ID = 102
Description =
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = PNRPSvc | ID = 102
Description =
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 08.07.2012 12:50:05 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
< End of report >
--- --- ---
eine dds.txt und attach.txt wurde nicht erstellt, zumindest hab ich sie nicht gefunden |
