BKA-Virus auf dem PC - Grundreinigung wurde durchgeführt
Hallo
in der letzten Woche habe ich mir beim abendlichen Surfen scheinbar auch den BKA-Virus eingefangen. In Panik habe ich dann mit einem anderen PC diese Hilfe gefunden und angewendet
Bundespolizei Trojaner in 10 Schritten sicher entfernen
Ich fand auch im Autostart (im abgesicherten Modus) die verdächtige Datei eujfkuji.exe, habe sie deaktiviert und dann startete der PC normal.
Anschließend war ich in einem Kurzurlaub, PC war in der Zeit nicht mehr an.
Heute konnte ich dann einen Avira-Scan machen und der fand mehrere verdächtige Dateien u.a. auch wieder was zu diesem BKA-Virus.
Bei der Recherche stieß ich dann auf dieses Forum und habe die Sachen durchgeführt, die für Hilfesuchende angegeben sind.
Vorausgeschickt noch 3 Sachen:
1. Ich habe Windows Vista in der 32 Bit-Version
2. Während ich dieses Gmer durchführen wollte, kam es zu einem Systemabsturz, leider geschah das so schnell, dass ich jetzt den Fehler nicht genau diagnostizieren konnte.
3. Malware fand den Trojan.Banker, aber irgendwie konnte ich den nicht in die Quaratäne verschieben
OTL Code:
OTL logfile created on: 14.07.2012 19:59:42 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\xxx\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 64,28% Memory free
6,68 Gb Paging File | 5,54 Gb Available in Paging File | 82,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,52 Gb Total Space | 618,81 Gb Free Space | 67,89% Space Free | Partition Type: NTFS
Drive D: | 19,98 Gb Total Space | 9,80 Gb Free Space | 49,02% Space Free | Partition Type: FAT32
Computer Name: PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.14 16:45:19 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.05.08 14:41:15 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 14:41:14 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 14:41:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 14:41:14 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.05.21 00:59:30 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.21 00:59:28 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009.08.16 22:19:21 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.10.09 01:19:22 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.10.09 01:19:20 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007.06.05 14:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
========== Modules (No Company Name) ==========
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.05.04 16:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.06.17 10:42:56 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.08 14:41:15 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 14:41:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.25 17:16:24 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.07.24 18:52:03 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2009.08.16 22:19:21 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009.08.16 22:19:16 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.07.15 11:48:20 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.09 01:19:22 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.06.05 14:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.07.14 16:31:54 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.05.08 14:41:15 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 14:41:15 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.28 10:41:42 | 000,081,408 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\SSHDRV86.sys -- (SSHDRV86)
DRV - [2012.04.28 10:19:40 | 000,076,288 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\SSHDRV82.sys -- (SSHDRV82)
DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.07.24 18:52:03 | 002,915,944 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2010.07.14 23:48:07 | 000,464,384 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 20:02:49 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008.12.26 01:08:00 | 007,740,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.11.04 03:45:46 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2008.11.04 03:45:46 | 000,108,200 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2008.11.04 03:45:46 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2008.11.04 03:45:44 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2008.11.04 03:45:44 | 000,086,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2008.11.04 03:45:44 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2008.11.04 03:45:44 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008.01.23 10:19:44 | 000,501,560 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV11.sys -- (acedrv11)
DRV - [2008.01.21 04:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007.09.21 10:38:22 | 000,554,496 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDC_de
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=SKaVjdtioArLnqN-FccpaJ2-tI8?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q="
FF - prefs.js..browser.search.selectedEngine: "Google.de"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://mail.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.2
FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.94
FF - prefs.js..extensions.enabledItems: {e1170235-2845-420c-acc3-42261a29dd46}:4.0.1
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: {f01f4cbe-b8a8-4c37-94b3-119d8779e7e0}:2.0
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {9fb7d178-155a-4318-9173-1a8eaaea7fe4}:2.1.10
FF - prefs.js..extensions.enabledItems: {9d1f059c-cada-4111-9696-41a62d64e3ba}:0.5.3.4
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {c151d79e-e61b-4a90-a887-5a46d38fba99}:2.6.1
FF - prefs.js..extensions.enabledItems: resizeabletextarea@bristol.ac.uk:0.1d
FF - prefs.js..extensions.enabledItems: {6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}:0.8
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1
FF - prefs.js..extensions.enabledItems: youplayer@addons.mozilla.org:0.9.8
FF - prefs.js..extensions.enabledItems: {15a7ef52-8a77-426e-9e17-e21af257d7c8}:1.6.9
FF - prefs.js..extensions.enabledItems: eafo3fflauncher@ea.com:1.1
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}:1.0
FF - prefs.js..extensions.enabledItems: wikilook@testpilot:2.7.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280
FF - prefs.js..extensions.enabledItems: {D46E8522-6E86-44b1-A622-58C0668AD78E}:3.6.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.7&q="
FF - prefs.js..network.proxy.pong: ""
FF - prefs.js..network.proxy.pong_port: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.17 18:23:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.02 11:06:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.02 11:06:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}: C:\Users\xxx\AppData\Roaming\5006 [2010.10.19 21:32:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.02 11:06:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.02 11:06:36 | 000,000,000 | ---D | M]
[2009.03.27 17:32:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2012.07.14 16:16:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions
[2009.04.04 12:27:11 | 000,000,000 | ---D | M] (PONG!) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{1368F36C-0370-419a-A408-28F94FD35974}
[2010.04.28 18:25:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.03.25 13:56:03 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2011.02.12 21:00:21 | 000,000,000 | ---D | M] (Show MyIP) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}
[2009.03.27 19:44:56 | 000,000,000 | ---D | M] (PsicoTSI Terminus Edition) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}
[2012.03.30 17:20:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.06.24 17:56:56 | 000,000,000 | ---D | M] (FoxTrick) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}
[2012.03.30 17:21:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.06.23 20:48:59 | 000,000,000 | ---D | M] ("BabelFish") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2010.01.22 20:52:35 | 000,000,000 | ---D | M] (Clipmarks) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{e1170235-2845-420c-acc3-42261a29dd46}
[2009.05.08 16:50:22 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011.03.12 15:28:08 | 000,000,000 | ---D | M] (Dictionary Lookup Extension) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{f01f4cbe-b8a8-4c37-94b3-119d8779e7e0}
[2010.10.04 06:38:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\{f42a0c24-7f10-4911-a1bb-b6067ac12583}
[2010.11.19 15:25:41 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2009.03.27 19:44:56 | 000,000,000 | ---D | M] ("Dictionary (EN/DE)") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\dictlookup@arnhold.com
[2010.06.23 19:16:28 | 000,000,000 | ---D | M] (FIFA Online Web Launcher) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\eafo3fflauncher@ea.com
[2012.05.19 10:47:01 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\en-US@dictionaries.addons.mozilla.org
[2010.10.19 21:36:14 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\firefox@tvunetworks.com
[2012.06.08 11:50:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\ich@maltegoetz.de
[2009.04.04 12:16:22 | 000,000,000 | ---D | M] (Resizeable Textarea) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\resizeabletextarea@bristol.ac.uk
[2011.04.15 16:29:46 | 000,000,000 | ---D | M] (WikiLook) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\wikilook@testpilot
[2009.04.04 12:16:23 | 000,000,000 | ---D | M] (YouPlayer) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\456z0406.default\extensions\youplayer@addons.mozilla.org
[2011.04.10 15:23:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\8jn6wxav.tilo\extensions
[2009.03.27 19:55:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\8jn6wxav.tilo\extensions\{00BDD586-51FB-4b06-9C23-AF2FB7609BF3}
[2011.04.10 15:23:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\8jn6wxav.tilo\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.03.27 21:47:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\8jn6wxav.tilo\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.03.27 19:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\8jn6wxav.tilo\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.03.27 21:47:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\8jn6wxav.tilo\extensions\staged-xpis
[2007.10.10 14:05:12 | 000,001,651 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\com-searchde.xml
[2007.06.20 14:21:50 | 000,005,310 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\footiefox.xml
[2011.07.22 17:25:53 | 000,002,101 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\googlede.xml
[2012.07.11 01:02:57 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-1.xml
[2012.01.12 19:55:17 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-10.xml
[2012.02.25 14:23:53 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-11.xml
[2012.03.17 17:22:34 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-12.xml
[2012.05.04 19:23:41 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-13.xml
[2012.06.08 11:50:20 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-14.xml
[2012.06.17 10:43:24 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-15.xml
[2009.08.05 21:29:14 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-2.xml
[2011.05.01 14:51:11 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-3.xml
[2011.05.09 19:47:28 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-4.xml
[2011.06.24 21:18:56 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-5.xml
[2011.08.25 19:25:50 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-6.xml
[2011.09.03 14:31:10 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-7.xml
[2011.09.10 13:42:45 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-8.xml
[2011.11.13 17:35:27 | 000,000,950 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin-9.xml
[2012.03.19 20:09:28 | 000,000,168 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin.gif
[2012.03.19 20:09:28 | 000,000,618 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin.src
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\icqplugin.xml
[2011.02.13 16:02:20 | 000,002,024 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\456z0406.default\searchplugins\transfermarktde.xml
[2012.03.17 17:21:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.03.27 18:45:15 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.07.31 15:00:52 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2009.03.27 18:45:24 | 000,000,000 | ---D | M] ("BabelFish") -- C:\Program Files\Mozilla Firefox\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2012.01.17 18:23:38 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.06.01 11:01:06 | 000,246,068 | ---- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\456Z0406.DEFAULT\EXTENSIONS\{15A7EF52-8A77-426E-9E17-E21AF257D7C8}.XPI
[2012.05.11 19:00:46 | 000,355,956 | ---- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\456Z0406.DEFAULT\EXTENSIONS\{9FB7D178-155A-4318-9173-1A8EAAEA7FE4}.XPI
[2012.07.11 01:00:54 | 000,340,684 | ---- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\456Z0406.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
[2012.07.14 16:16:43 | 000,112,944 | ---- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\456Z0406.DEFAULT\EXTENSIONS\{C151D79E-E61B-4A90-A887-5A46D38FBA99}.XPI
[2011.10.30 14:57:24 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\456Z0406.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012.07.11 02:08:28 | 000,159,604 | ---- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\456Z0406.DEFAULT\EXTENSIONS\NOTREAL.CCOPTIONS@ENVIRONMENTALCHEMISTRY.COM.XPI
[2012.06.17 10:42:56 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.17 09:51:48 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009.03.03 12:00:30 | 001,275,856 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFv501.dll
[2012.02.25 14:22:55 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.25 14:22:55 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.25 14:22:55 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.25 14:22:55 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.25 14:22:55 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.25 14:22:55 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 09-Registrierung.lnk = C:\Program Files\EA SPORTS\FIFA 09\Support\EAregister.exe (Leader Technologies)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NHL™ 09-Registrierung.lnk = C:\Program Files\EA SPORTS\NHL 09\Support\EAregister.exe (Leader Technologies)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe (Ubi Soft)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1662B6D6-91A3-4802-BA03-4A8C53C80FE9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35526326-BF30-4DF3-8EE1-1219DE63DF20}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6EEA842D-FA01-40A3-8253-FB9ACEDA24FE}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\xxx\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\xxx\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{22f693cf-1d55-11de-a428-00242106c95d}\Shell - "" = AutoRun
O33 - MountPoints2\{22f693cf-1d55-11de-a428-00242106c95d}\Shell\AutoRun\command - "" = K:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.14 16:45:16 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2012.07.14 16:31:25 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.07.14 16:31:25 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2012.07.14 16:31:17 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.14 16:31:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.14 16:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.14 16:31:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.14 11:53:38 | 000,000,000 | ---D | C] -- C:\HattrickOrganizer
[2012.07.11 01:24:52 | 000,000,000 | ---D | C] -- C:\ProgramData\pxfrqysnczlpdne
[2012.07.02 11:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.07.02 11:06:13 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.07.02 11:05:27 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Help
[2012.07.02 11:01:06 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\TeamViewer
[2012.07.02 11:01:06 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Apple
[2012.06.23 10:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.06.17 10:43:33 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Macromedia
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\xxx\AppData\Roaming\*.tmp files -> C:\Users\xxx\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.14 20:05:00 | 000,000,408 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
[2012.07.14 20:02:22 | 000,618,204 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.14 20:02:22 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.14 20:02:22 | 000,122,636 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.14 20:02:22 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.14 20:01:03 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.14 20:00:03 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2012.07.14 19:56:09 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.14 19:56:03 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.14 19:56:03 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.14 19:56:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.14 19:55:52 | 3487,748,096 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.14 19:53:53 | 000,000,020 | ---- | M] () -- C:\Users\xxx\defogger_reenable
[2012.07.14 16:45:39 | 000,302,592 | ---- | M] () -- C:\Users\xxx\Desktop\zqe8w5fh.exe
[2012.07.14 16:45:24 | 000,050,477 | ---- | M] () -- C:\Users\xxx\Desktop\Defogger.exe
[2012.07.14 16:45:19 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2012.07.14 16:31:54 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.07.14 13:05:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.07.11 08:36:44 | 000,434,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.11 03:24:46 | 000,073,728 | ---- | M] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.11 02:18:49 | 000,001,797 | ---- | M] () -- C:\Users\xxx\Desktop\Avira DE-Cleaner.lnk
[2012.07.11 01:24:53 | 000,000,051 | ---- | M] () -- C:\ProgramData\vnfcryleknbypxs
[2012.07.03 18:01:47 | 000,001,181 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 09-Registrierung.lnk
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.02 11:04:28 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\xxx\AppData\Roaming\*.tmp files -> C:\Users\xxx\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.14 19:53:39 | 000,000,020 | ---- | C] () -- C:\Users\xxx\defogger_reenable
[2012.07.14 16:45:37 | 000,302,592 | ---- | C] () -- C:\Users\xxx\Desktop\zqe8w5fh.exe
[2012.07.14 16:45:23 | 000,050,477 | ---- | C] () -- C:\Users\xxx\Desktop\Defogger.exe
[2012.07.11 02:16:32 | 000,001,797 | ---- | C] () -- C:\Users\xxx\Desktop\Avira DE-Cleaner.lnk
[2012.07.11 02:04:50 | 3487,748,096 | -HS- | C] () -- C:\hiberfil.sys
[2012.07.11 01:24:50 | 000,000,051 | ---- | C] () -- C:\ProgramData\vnfcryleknbypxs
[2012.07.02 11:04:28 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2012.05.12 09:13:50 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2012.05.12 09:13:50 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2012.04.28 10:41:42 | 000,081,408 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV86.sys
[2012.04.28 10:19:40 | 000,076,288 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV82.sys
[2012.04.13 20:46:38 | 000,000,218 | ---- | C] () -- C:\Users\xxx\.recently-used.xbel
[2011.10.19 18:44:58 | 000,000,680 | ---- | C] () -- C:\Users\xxx\AppData\Local\d3d9caps.dat
[2010.10.21 20:27:42 | 000,000,068 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\urhtps.dat
[2010.09.19 23:01:25 | 000,000,045 | ---- | C] () -- C:\Users\xxx\.edu.xtec.properties
[2010.06.23 19:18:27 | 000,139,152 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\PnkBstrK.sys
[2009.03.27 19:24:13 | 000,073,728 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.27 19:04:27 | 000,000,005 | ---- | C] () -- C:\Users\xxx\ho.dir
========== LOP Check ==========
[2012.05.24 13:19:10 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\.purple
[2009.03.28 18:48:00 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\2K Sports
[2010.10.19 21:32:48 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\5006
[2009.07.05 14:01:08 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Amazon
[2010.10.19 21:32:35 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\cock
[2009.03.30 20:08:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DAEMON Tools
[2009.03.30 20:09:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite
[2009.03.30 20:08:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DAEMON Tools Pro
[2009.05.06 22:06:58 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Das Fussball Studio
[2009.04.11 03:02:07 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\eXPert PDF Editor
[2009.12.29 03:45:24 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\FFSJ
[2009.12.16 22:32:41 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\gtk-2.0
[2009.12.28 18:08:39 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Haneke Software
[2012.05.27 11:51:08 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ICQ
[2010.12.11 18:04:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\inkscape
[2009.03.28 18:24:39 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\IrfanView
[2009.06.04 20:36:49 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Leadertech
[2009.07.05 13:23:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\MAGIX
[2010.11.07 20:21:00 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org
[2010.07.28 02:16:05 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Pro Cycling Manager 2008
[2009.07.05 13:24:22 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ProtectDisc
[2009.06.11 18:33:40 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Sony
[2010.12.29 23:51:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Sports Interactive
[2012.07.02 11:01:06 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TeamViewer
[2009.05.22 21:01:50 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\temp
[2009.03.27 17:58:21 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TuneUp Software
[2010.10.28 23:25:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\UAs
[2010.12.09 17:42:44 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\xmldm
[2012.07.14 20:00:03 | 000,000,522 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job
[2012.07.14 19:54:47 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.14 20:05:00 | 000,000,408 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
========== Purity Check ==========
< End of report >
Extras Code:
OTL Extras logfile created on: 14.07.2012 19:59:42 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\xxx\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 64,28% Memory free
6,68 Gb Paging File | 5,54 Gb Available in Paging File | 82,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,52 Gb Total Space | 618,81 Gb Free Space | 67,89% Space Free | Partition Type: NTFS
Drive D: | 19,98 Gb Total Space | 9,80 Gb Free Space | 49,02% Space Free | Partition Type: FAT32
Computer Name: PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001BEE00-47B8-4A3C-8796-1C38B49B9D0E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{04D38889-2FCD-4D5F-9FA3-A696E8F56BDF}" = rport=445 | protocol=6 | dir=out | app=system |
"{04DCFEA5-1325-433F-965D-433E345CFC71}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{076280F4-FF5D-4A68-8137-CB92C9E95794}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{15EF0F6E-1534-4225-9683-4CC083232882}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1B6A7733-6FE9-4173-8820-CB2A9C0B0CEC}" = lport=139 | protocol=6 | dir=in | app=system |
"{225C86B6-5037-47F7-9A49-EE17A8471709}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{27996094-0A95-4794-BC22-28DA5CA80AC4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{446C0B50-790F-46D1-BC5A-5835BEBAAF7F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{609141BC-F11E-4F0C-A6E7-608770FE75AD}" = rport=139 | protocol=6 | dir=out | app=system |
"{6798329A-D6A3-4CCC-81F2-2C80232356D4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{76ED12C5-B91F-40C3-AA2E-FF278349F3DC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{78E55699-8FCE-43C3-9121-4117D4DD98B0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{86E3E72D-EE54-44B7-92AB-A4E8948C84E1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{89C8CC9B-722B-4B1D-A738-5ED7FE7D620D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A21AB827-7119-431C-A9DB-6EF4C8D21A14}" = lport=138 | protocol=17 | dir=in | app=system |
"{A2B45409-5D7A-456B-9666-B7356730C48B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A56ADE6A-0828-441E-B917-318468DBFFB3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B19DD5D1-C406-4CA4-A2A8-39B13D7B8232}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B35D7DC7-B2FD-4D28-AF11-DA9D6834062E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B3FC3D42-519C-4709-A5DA-E991600D2E73}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BBD392E2-9613-491E-BB82-754353F549C7}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C03F6C29-6917-4CDE-AB07-A7FC57895467}" = rport=137 | protocol=17 | dir=out | app=system |
"{C83055F6-0597-40D9-8F88-628935EC091C}" = rport=138 | protocol=17 | dir=out | app=system |
"{D2322266-6C5B-4F93-A743-AF9058BFF6BE}" = lport=445 | protocol=6 | dir=in | app=system |
"{E882AAA3-D43C-49CC-A0D5-00E6E2700FE0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{EDA67F50-5A27-4DA3-ABC5-E44A52657CC9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EF2B0BAD-43B7-4DFE-9E2C-729E85763D9B}" = lport=137 | protocol=17 | dir=in | app=system |
"{F030C810-74A0-4D93-8061-A5A1CC11EB54}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00538825-7C43-4978-86C3-059123FF3F03}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{01D02C4C-30B8-487A-9396-1AEB431B5046}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{1164C742-4982-4BA2-99C4-629F9BA91239}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{13973A37-0108-488B-8B28-F2473AF6D3AE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{196BF418-EC72-4845-A016-F7DBB88B153B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1C314505-2B75-4056-93B2-8AEE5788307E}" = protocol=17 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{1F2C746C-0E08-4243-BE5D-F205A01883D3}" = protocol=6 | dir=in | app=c:\program files\cyanide\tour de france - saison 2008\pcm.exe |
"{2044455E-29BB-42C5-B410-77BB57FF7522}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{21AB53EE-E2CB-473E-91BD-48FE721A3E91}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{326E733D-EF31-4F61-86F4-F80FD9EE1763}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{36962A66-565B-4553-AB3E-800F69E57756}" = protocol=6 | dir=in | app=c:\program files\heraklasse\autoupdate.exe |
"{3B13C5FC-1318-4103-9D6D-5504FBB41D76}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{43E89CAC-1084-4672-9AB9-B97571F402BE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\nba 2k9\nba2k9.exe |
"{4D956D1D-90F4-4E56-83A8-01B0C710339C}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{540B39B7-AC54-4DCC-BB67-A117F36C6A3A}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{541E4599-9607-4210-A435-A4E49C3414A4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5FB39874-0348-43A1-961E-DE63B740DFD1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{61D52EB3-90D8-4A82-9427-255E537CC3AD}" = protocol=17 | dir=in | app=c:\program files\heraklasse\autoupdate.exe |
"{62D46958-B319-4DB7-BD66-BEE63A057174}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{639AF1EA-FBD0-4399-8EC4-746D01DCBFE0}" = protocol=17 | dir=in | app=c:\program files\cyanide\tour de france - saison 2008\pcm.exe |
"{64A8978D-F2D5-4667-9EAE-3CFEE56696FD}" = protocol=6 | dir=in | app=c:\program files\cyanide\tour de france - saison 2008\autorun\exe\autorun.exe |
"{67EFEE44-8EF1-499F-8321-BB0DA692E236}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6D9FBB8C-9EA6-415B-878B-67B7652D157D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{71646524-2379-4611-9953-46800DD419D0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{72AEEFB3-74E3-438D-9C9C-843589D6D423}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\nba 2k9\nba2k9.exe |
"{7C2CC234-3BE7-4645-B18C-EA5761C88E57}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{7D186C86-1BEB-4260-AF68-8E35C6C68998}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{85F03C46-C274-4D10-B741-930C0B4524D8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{86993213-BB0B-469A-B68B-2BA8ECC05CB7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{89941979-84CF-413B-9E01-20F049287765}" = protocol=6 | dir=in | app=c:\program files\sports interactive\football manager 2011 demo\fm.exe |
"{89F0CA14-97EF-4F50-A9B0-29AA9A42E679}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{9B5F9ABE-0C32-4AFF-B85B-A4516EC74D4E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B0F41ADA-0687-40E8-8AC8-F47E120D1EA5}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{B299EB64-89B3-461E-AC58-E5A687E43324}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B6A4EAF9-E6F9-452E-8BF5-184BE8834F4F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BC175DFD-AD69-483A-A4D0-392CA4621B21}" = protocol=17 | dir=in | app=c:\program files\cyanide\tour de france - saison 2008\autorun\exe\autorun.exe |
"{BC198CD8-7EB8-4CDD-8091-EEC6D6586F98}" = protocol=17 | dir=in | app=c:\program files\sports interactive\football manager 2011 demo\fm.exe |
"{BCAD08AA-FC63-4220-941D-753ABF197E42}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CCC36B0F-6F8F-4BA7-AD61-E59900C8E312}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2363409-9D81-4AE2-BED5-DE02F20B316F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D84B9A96-EDFB-4B8B-BD69-EC35C8B09914}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{DDF53FDA-97B1-4A01-B7CA-30B79040312C}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{E16BD2C8-A254-473A-8CA7-58846323A6E8}" = protocol=6 | dir=out | app=system |
"{EA773B22-5E29-4FE8-8A0F-8D5E276956D3}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{ED1B0801-4CB0-4C3E-B9FB-5359F5E80026}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ED644033-FA29-4695-9E40-B7D52DD24224}" = protocol=6 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{EFCD122C-2C4F-43D0-8267-D5C60E244588}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F0E860E8-22B5-431D-B847-47BBC3819614}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F1D982D5-B6B7-4003-BC77-B4A25549A4CE}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{F41DFDF8-6D3D-4465-9D31-BBAA13D7BDFF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F73EC7DF-C6A7-4536-9828-D0734462D8CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{0118DC46-5D09-4476-82E0-413946E3B13A}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{02B8C1ED-F8F7-4C7A-8C1F-BD723220820C}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"TCP Query User{1AE02B92-56C7-44E1-AEE4-8013A628C5EB}C:\program files\ea sports\fifa 11 demo\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11 demo\game\fifa.exe |
"TCP Query User{1B97D5AF-2E11-4612-B543-78EB29B18411}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{3E9A9C6C-B84F-497D-A6ED-B9BA19CEB1C7}C:\program files\icq7.4\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"TCP Query User{84DFB685-9291-4F45-802D-D80432AC3886}C:\program files\ea sports\fussball manager 11\manager11.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 11\manager11.exe |
"TCP Query User{8B25EB8D-C246-4ABB-8DEE-3678581083CB}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{8ECB3E17-08D6-4E68-805C-DC0808473ED9}C:\program files\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files\pidgin\pidgin.exe |
"TCP Query User{9D1AB35E-61D7-46A1-97B1-7BF805BEE4FE}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{E6C86BAE-D5CC-4930-8732-DAAF0E394A88}C:\program files\ea sports\fifa online\nfe.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa online\nfe.exe |
"TCP Query User{EB545EAE-0E1B-4792-BA45-FDB577F5792B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{EEBD196C-D667-4171-AB00-A49B1D7F3789}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{EECBA61D-89C4-43F7-B3CF-3086F837D145}C:\program files\cyanide\tour de france - saison 2008\pcm.exe" = protocol=6 | dir=in | app=c:\program files\cyanide\tour de france - saison 2008\pcm.exe |
"TCP Query User{F09B8915-969A-4DEA-90BC-4F289CB03934}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{F17A31E6-9CE3-4090-A1B2-039727DC8257}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{FFE45F0F-7C2C-4B29-869C-D55054877B80}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{067B7E86-9546-4520-8C5C-0A4DF5DF3DAF}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{3EF34399-EC9F-4C2B-A088-B82D9C209FAD}C:\program files\cyanide\tour de france - saison 2008\pcm.exe" = protocol=17 | dir=in | app=c:\program files\cyanide\tour de france - saison 2008\pcm.exe |
"UDP Query User{4928BF31-EC3D-444D-B07E-91B2428E5BD4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{5BF1E737-CCAF-41BD-9C54-2E0D0AF98EB9}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{61B37F2F-A55B-4482-8F37-DB897CAF2A42}C:\program files\ea sports\fifa online\nfe.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa online\nfe.exe |
"UDP Query User{6A125633-6E9C-47BC-915E-DBAF5C4C8F84}C:\program files\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"UDP Query User{76C8774A-17CF-40BA-A7D3-8F96F377BCB2}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{8A055E6A-F5CA-44FC-9FE5-9D6C3B2E56A9}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{8A55B89B-1D23-40A7-B2DA-EDDAC53CD059}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{8E4A3FEE-15C4-4DE1-819F-19A2F4EA3AF6}C:\program files\ea sports\fussball manager 11\manager11.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 11\manager11.exe |
"UDP Query User{8E72DAE5-ED2F-4898-BC85-58B62E16B2FA}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{A28626C1-26F8-4BEF-A528-0D3A5A0B3AFB}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{B998341E-EC9C-4C5E-9819-43A9B3DC7EF8}C:\program files\ea sports\fifa 11 demo\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11 demo\game\fifa.exe |
"UDP Query User{C65B94CC-D735-4EFF-91AD-4D1A6C674D00}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{C910C6C9-F568-4CEC-947F-065FC24BCC8A}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{EC88F85A-BC23-4D9B-A142-E5495536E021}C:\program files\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files\pidgin\pidgin.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
""Deutsch in der Grundschule" - CD32_is1" = Oriolus Lernprogramm Deutsch in der Grundschule
"_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{04441EE4-3631-43DB-813A-9D031380C8E5}" = MarketingReg
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08BE0A17-0AB8-4B0C-88E2-EB1B4977A511}" = Lernwerkstatt 8
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{47948554-90C6-4AAC-8CFA-D23CE11C1031}" = Nero 8 Essentials
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = Hama Black Force Pad
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FE3B0CE-37C1-4825-908A-5A84C9B4EC2F}" = EA SPORTS(TM) FIFA Online
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B31DF8A-8B77-497F-8180-E710A01635F1}" = Warlords IV
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{827B97A9-B347-4110-9F89-37AF2B758F94}" = NHL™ 09
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{88EF3F58-80D5-43B0-B9C0-FA4F51D0BD55}_is1" = ANSTOSS 2005 1.2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8CD0B297-122D-4718-9CE1-B72E796F7B21}" = Sony Ericsson Media Manager 1.2
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}" = eXPert PDF 5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACA85783-8EEA-4f0a-B2A3-A8173F30209F}" = C4200_doccd
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B09BCBF6-87EE-4403-A336-3A9510856535}" = HP Photosmart All-In-One Software 9.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BFDE4176-5DFE-4db9-AA00-8F30CB001BDA}" = c4200_Help
"{C39E671D-0528-4c5e-A034-8470C5BC393A}" = C4200
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D65B333F-DE89-4DED-A710-6A6B9C198DD7}" = Pop Art Studio 5.3
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D8B7A682-20DA-4797-8415-B1FB14D4D32B}" = PS_AIO_Software
"{DC158DF7-6B36-4C6F-BC91-109014297994}" = FIFA 11 Demo
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}" = Belkin 54Mbps Wireless Network Adapter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F722E488-A5B5-47ff-AA9B-4DE6CE7914CA}" = Windows 7 Upgrade Advisor
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F804CEB4-747E-46D5-B8AB-C56E3BAF27D9}_is1" = Das Fussball Studio 6.9.1
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FD7F242B-9AA0-40c3-941E-3A9821D19C09}" = PS_AIO_ProductContext
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Andy Warhol Replicator" = Andy Warhol Replicator
"ANSTOSS 3_is1" = ANSTOSS 3
"Ask Toolbar_is1" = Ask Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Digital Editions" = Adobe Digital Editions
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"EA Download Manager" = EA Download Manager
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Flatcast_is1" = Flatcast 5.0
"FLV Player" = FLV Player 2.0 (build 25)
"Football Manager 2011 Demo" = Football Manager 2011 Demo
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"FUSSBALL MANAGER 08" = FUSSBALL MANAGER 08
"FUSSBALL MANAGER 11" = FUSSBALL MANAGER 11
"GameCenter" = GameCenter
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen)
"Hattrick Control_is1" = Hattrick Control 2.26
"Hattrick Organizer" = Hattrick Organizer (remove only)
"HERA-Klasse!" = HERA-Klasse!
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"ICQToolbar" = ICQ Toolbar
"Inkscape" = Inkscape 0.48.0
"InstallShield_{08BE0A17-0AB8-4B0C-88E2-EB1B4977A511}" = Lernwerkstatt 8
"IrfanView" = IrfanView (remove only)
"lgx4.lgx.server" = G DATA Logox4 Speechengine
"MAGIX Foto Manager 8 D" = MAGIX Foto Manager 8 6.0.1.457 (D)
"MAGIX Fotobuch" = MAGIX Fotobuch 3.6
"MAGIX Goya burnR D" = MAGIX Goya burnR 1.3.1.3 (D)
"MAGIX Music Maker 15 D" = MAGIX Music Maker 15 15.0.0.19 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 3.4.3.0 (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyMDb_0" = MyMDb 3.5.2
"NVIDIA Drivers" = NVIDIA Drivers
"PartyPoker" = PartyPoker
"PartyPokerNet" = PartyPokerNet
"Picasa 3" = Picasa 3
"Pidgin" = Pidgin
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"Pro Cycling Manager 2008_is1" = Pro Cycling Manager - Season 2008 1.0.2.3
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"Schroedel Arbeitsblätter" = Schroedel Arbeitsblätter
"SopCast" = SopCast 3.0.3
"Steam App 7740" = NBA 2K9
"SUPER ©" = SUPER © Version 2010.bld.37 (Jan 2, 2010)
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.07.2010 19:30:26 | Computer Name = PC | Source = WinMgmt | ID = 10
Description =
Error - 28.07.2010 05:23:41 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 28.07.2010 05:23:41 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 28.07.2010 05:24:50 | Computer Name = PC | Source = WinMgmt | ID = 10
Description =
Error - 28.07.2010 17:11:28 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 28.07.2010 17:11:28 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 28.07.2010 17:12:29 | Computer Name = PC | Source = WinMgmt | ID = 10
Description =
Error - 29.07.2010 05:58:06 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 29.07.2010 05:58:06 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 29.07.2010 05:58:54 | Computer Name = PC | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 19.06.2009 10:28:54 | Computer Name = PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1957
seconds with 1380 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 10.07.2012 19:53:06 | Computer Name = PC | Source = DCOM | ID = 10005
Description =
Error - 10.07.2012 19:53:18 | Computer Name = PC | Source = DCOM | ID = 10005
Description =
Error - 10.07.2012 19:53:19 | Computer Name = PC | Source = DCOM | ID = 10005
Description =
Error - 10.07.2012 19:53:19 | Computer Name = PC | Source = DCOM | ID = 10005
Description =
Error - 10.07.2012 19:53:19 | Computer Name = PC | Source = DCOM | ID = 10005
Description =
Error - 10.07.2012 19:53:19 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description =
Error - 10.07.2012 19:53:19 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description =
Error - 10.07.2012 19:53:52 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description =
Error - 10.07.2012 19:53:54 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description =
Error - 11.07.2012 05:09:12 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description =
[ TuneUp Events ]
Error - 14.07.2012 10:31:28 | Computer Name = PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-07-14 16:31:28', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','4200',0)
Error - 14.07.2012 10:31:34 | Computer Name = PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-07-14 16:31:34', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','5632',0)
Error - 14.07.2012 10:31:34 | Computer Name = PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-07-14 16:31:34', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamgui.exe','5500',0)
Error - 14.07.2012 10:31:39 | Computer Name = PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-07-14 16:31:39', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','4732',0)
Error - 14.07.2012 10:31:56 | Computer Name = PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-07-14 16:31:56', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','6092',0)
Error - 14.07.2012 13:56:35 | Computer Name = PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-07-14 19:56:35', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamgui.exe','3628',0)
Error - 14.07.2012 13:56:40 | Computer Name = PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-07-14 19:56:40', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','3640',0)
< End of report >
Hilfe wäre echt super! |
