Trojaner-Board


Psychotic 15.03.2011 21:24

Kaspersky reports "phishing link" on banking computer
 
Good day!

Here are MBAM and OTL... GMER crashes.

Code:


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6054

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

14.03.2011 21:50:36
mbam-log-2011-03-14 (21-50-36).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 344866
Laufzeit: 2 Stunde(n), 0 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Code:

OTL logfile created on: 14.03.2011 22:03:26 - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\SiSa\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,36 Gb Total Space | 95,06 Gb Free Space | 42,75% Space Free | Partition Type: NTFS
Drive D: | 10,53 Gb Total Space | 1,79 Gb Free Space | 16,99% Space Free | Partition Type: NTFS
 
Computer Name: SISA-LAPTOP | User Name: SiSa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.03.14 22:01:49 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\SiSa\Downloads\OTL.exe
PRC - [2011.01.08 19:40:27 | 000,340,520 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
PRC - [2011.01.05 11:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011.01.05 11:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011.01.05 11:31:32 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010.12.07 11:32:03 | 001,971,496 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version6\TeamViewer_Desktop.exe
PRC - [2010.12.07 11:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.12.07 11:31:58 | 007,482,152 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer.exe
PRC - [2010.12.07 11:10:24 | 000,099,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\tv_w32.exe
PRC - [2010.07.26 16:58:39 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.10.20 19:34:38 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.03.14 22:01:49 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\SiSa\Downloads\OTL.exe
MOD - [2010.12.07 11:10:19 | 000,049,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\tv_w32.dll
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2006.11.02 10:46:03 | 000,149,019 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crtdll.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.01.08 19:40:27 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2011.01.05 11:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 11:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2010.12.07 11:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2009.07.03 11:40:32 | 000,009,216 | ---- | M] (Vodafone) [Disabled | Stopped] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009.03.31 08:39:36 | 000,233,472 | ---- | M] (Teruten) [Disabled | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Disabled | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008.10.06 09:54:52 | 000,365,952 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008.04.07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.01.08 19:18:53 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010.09.01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.08.12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010.08.12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2009.11.03 16:33:40 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009.10.14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)
DRV - [2009.10.02 18:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009.09.05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.09.01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2009.07.23 20:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.04.09 13:38:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.03.31 08:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 09:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 09:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.03.20 09:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008.10.09 13:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2008.10.03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008.05.09 20:17:32 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.04.24 23:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.01.21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007.10.18 00:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.09.17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon\ [2010.02.11 16:47:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.23 12:41:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.02 16:08:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2011.01.08 19:21:03 | 000,000,000 | ---D | M]
 
[2010.08.28 19:02:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SiSa\AppData\Roaming\mozilla\Extensions
[2010.08.28 19:02:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SiSa\AppData\Roaming\mozilla\Extensions\{a79fe89b-6662-4ff4-8e88-09950ad4dfde}
[2011.03.13 23:29:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SiSa\AppData\Roaming\mozilla\Firefox\Profiles\ly4j5cdt.default\extensions
[2010.02.11 17:55:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\SiSa\AppData\Roaming\mozilla\Firefox\Profiles\ly4j5cdt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.08 23:10:45 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\SiSa\AppData\Roaming\mozilla\Firefox\Profiles\ly4j5cdt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.01.19 18:36:41 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\SiSa\AppData\Roaming\mozilla\Firefox\Profiles\ly4j5cdt.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2011.01.08 23:10:45 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- C:\Users\SiSa\AppData\Roaming\mozilla\Firefox\Profiles\ly4j5cdt.default\extensions\elemhidehelper@adblockplus.org
[2011.01.08 19:21:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.02.11 17:18:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.05.22 15:42:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.11.14 12:53:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.08 19:21:53 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.12.02 09:31:53 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.12.02 09:31:53 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.12.02 09:31:53 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009.12.02 09:31:53 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009.12.02 09:31:53 | 000,000,801 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [NPSStartup]  File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.58.61.250 80.58.61.254
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Users\SiSa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\SiSa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{10071670-26b7-11de-8a36-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{10071670-26b7-11de-8a36-001f16718131}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1007167d-26b7-11de-8a36-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{1007167d-26b7-11de-8a36-001f16718131}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{31c93fc5-c57a-11de-bc70-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{31c93fc5-c57a-11de-bc70-001f16718131}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{62d769ab-1671-11df-b8b5-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{62d769ab-1671-11df-b8b5-001f16718131}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{62d769bc-1671-11df-b8b5-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{62d769bc-1671-11df-b8b5-001f16718131}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{62d769da-1671-11df-b8b5-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{62d769da-1671-11df-b8b5-001f16718131}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{62d769dc-1671-11df-b8b5-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{62d769dc-1671-11df-b8b5-001f16718131}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{62d769e6-1671-11df-b8b5-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{62d769e6-1671-11df-b8b5-001f16718131}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{62d769e8-1671-11df-b8b5-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{62d769e8-1671-11df-b8b5-001f16718131}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{a0d12ca4-166f-11df-bc4a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a0d12ca4-166f-11df-bc4a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{a0d12cbf-166f-11df-bc4a-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{a0d12cbf-166f-11df-bc4a-001f16718131}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{a0d12ce6-166f-11df-bc4a-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{a0d12ce6-166f-11df-bc4a-001f16718131}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{a0d12ce7-166f-11df-bc4a-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{a0d12ce7-166f-11df-bc4a-001f16718131}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{abdf8162-4153-11de-9851-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{abdf8162-4153-11de-9851-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{abdf817c-4153-11de-9851-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{abdf817c-4153-11de-9851-001f16718131}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bd144579-63c9-11de-88c2-001f16718131}\Shell\AutoRun\command - "" = H:\texar/texar32.exe
O33 - MountPoints2\{bd144579-63c9-11de-88c2-001f16718131}\Shell\explore\command - "" = H:\texar/texar32.exe
O33 - MountPoints2\{bd144579-63c9-11de-88c2-001f16718131}\Shell\open\command - "" = H:\.\texar/texar32.exe
O33 - MountPoints2\{ca8521fa-2693-11de-8d1c-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{ca8521fa-2693-11de-8d1c-001f16718131}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ca85221d-2693-11de-8d1c-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{ca85221d-2693-11de-8d1c-001f16718131}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e685f93e-165f-11df-8632-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{e685f93e-165f-11df-8632-001f16718131}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e685f95d-165f-11df-8632-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{e685f95d-165f-11df-8632-001f16718131}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e685f96b-165f-11df-8632-001f16718131}\Shell - "" = AutoRun
O33 - MountPoints2\{e685f96b-165f-11df-8632-001f16718131}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{fe437b88-2eac-11df-9ad3-001f16718131}\Shell\AutoRun\command - "" = H:\ContentManager\ContentManagerStarter.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.03.13 22:52:27 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\estuvimos viajando en gran canaria
[2011.03.13 19:10:34 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\Autotour teror,arucas,maspalomas,puerto rico
[2011.03.13 19:09:52 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\Kitesurfing cicer + kochen mit jose
[2011.03.09 18:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.03.09 17:33:41 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\las palmas FB2
[2011.03.09 14:00:03 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\SurfeaR FB
[2011.03.09 13:24:04 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.03.09 13:24:03 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.03.09 13:24:03 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.03.09 13:24:03 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011.03.09 13:17:11 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\haciendo el surf en el norte Las Palmas 8
[2011.03.09 13:16:37 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\CaRnAvAl + Geb Las Palmas 7
[2011.03.05 18:18:00 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\Kings Of Leon - Only By The Night
[2011.03.05 18:17:22 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\Kings of leon come around sunday
[2011.02.28 21:02:19 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\las palmas 6
[2011.02.27 19:06:00 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\las palmas 5
[2011.02.23 00:08:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011.02.23 00:06:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011.02.23 00:05:53 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011.02.23 00:05:53 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011.02.23 00:05:53 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011.02.23 00:05:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011.02.23 00:05:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011.02.23 00:05:49 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011.02.23 00:05:49 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011.02.23 00:05:49 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011.02.23 00:05:49 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011.02.23 00:05:49 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011.02.23 00:05:41 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011.02.23 00:05:41 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011.02.23 00:05:41 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011.02.23 00:05:41 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011.02.23 00:05:41 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011.02.20 17:28:24 | 000,000,000 | ---D | C] -- C:\Users\SiSa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.02.18 19:26:42 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\nachhilfe LPA
[2011.02.18 16:36:17 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\las palmas 4
[2011.02.13 23:58:42 | 000,000,000 | ---D | C] -- C:\Users\SiSa\Desktop\las palmas 3
 
========== Files - Modified Within 30 Days ==========
 
[2011.03.14 21:43:43 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.14 21:43:43 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.14 19:43:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.14 19:43:35 | 2951,081,984 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.13 22:19:29 | 000,085,504 | ---- | M] () -- C:\Users\SiSa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.09 23:35:46 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.03.09 13:18:26 | 004,796,564 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.03.09 13:18:26 | 001,863,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.09 13:18:26 | 001,495,382 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.03.09 13:18:26 | 001,323,740 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2011.02.23 00:05:43 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011.02.23 00:05:43 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011.02.23 00:05:43 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011.01.08 19:21:39 | 000,114,243 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011.01.08 19:21:39 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010.11.09 23:23:37 | 000,007,808 | ---- | C] () -- C:\Users\SiSa\AppData\Local\d3d9caps.dat
[2010.10.13 21:56:33 | 000,000,199 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.07.05 19:18:54 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.07.05 19:18:54 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.03.09 15:44:15 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.09.15 19:40:41 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2009.09.11 15:47:45 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.11 15:47:45 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.09 18:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009.07.31 10:26:19 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.07.31 10:25:27 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.07.31 10:20:30 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.06.16 13:25:04 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009.06.10 11:40:04 | 000,000,268 | ---- | C] () -- C:\Users\SiSa\AppData\Roaming\wklnhst.dat
[2009.04.11 14:01:31 | 000,085,504 | ---- | C] () -- C:\Users\SiSa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.09 16:47:04 | 000,013,824 | ---- | C] () -- C:\Windows\System32\CallSimReader.dll
[2009.04.09 16:46:04 | 000,055,808 | ---- | C] () -- C:\Windows\System32\SimReader.dll
[2009.03.11 10:09:27 | 000,000,248 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2009.03.11 09:30:04 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008.10.26 22:29:55 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.26 22:24:46 | 004,796,564 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.10.26 22:24:46 | 001,495,382 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.10.26 22:24:46 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.10.26 22:24:46 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.10.26 15:53:34 | 000,000,428 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2007.10.25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,393,200 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 001,863,322 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 001,323,740 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.09 10:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

< End of report >

Code:

OTL Extras logfile created on: 14.03.2011 22:03:26 - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\SiSa\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,36 Gb Total Space | 95,06 Gb Free Space | 42,75% Space Free | Partition Type: NTFS
Drive D: | 10,53 Gb Total Space | 1,79 Gb Free Space | 16,99% Space Free | Partition Type: NTFS
 
Computer Name: SISA-LAPTOP | User Name: SiSa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FF4CDCD-43FB-4F80-AF0E-F3DE8805D10D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{250A86AF-7310-453B-B14F-74C59A92763D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5557B635-81DB-476A-8C78-E41CEEB979D1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{57B97686-DA05-4580-A947-65AB8D9F0CF7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5AABDE3B-2C08-4764-A47D-3AB613DF9041}" = lport=2869 | protocol=6 | dir=in | app=system |
"{95821560-6E9D-4DA6-86B3-0A81BA8F1BE7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BEA1DC3D-3D01-4777-9F60-39562FD9A7FE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BFF6E954-0502-461C-B03C-C28DA387CFC3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C8B724AE-7D6F-4757-A801-99AC088D7464}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D692DD82-8509-4AAC-9E1C-15880939628E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9B8AAFA-FBD5-4D27-8774-F1D70A4E61A1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F4D8D72F-910E-4A4B-B688-196E13BB451E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0468BBF2-E92B-4EA8-87DE-4D3EEE5D05F5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{08D5CDF4-423C-4447-A382-11BB7B0190BB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0B68D103-2031-4C5E-810C-67D0F0F73B19}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1480F757-AA1C-4654-AE71-B6CCEAA31A1B}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{1560B5A1-0938-4EA6-B1F3-59835C3C5A72}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{1597AEBF-2862-4934-B308-4F6EEDFFB5EE}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{171B3B23-3771-4245-90F2-0DE5C467AAEB}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{1751DF79-F40D-47B3-9B91-266CFF0BC0DD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1DBBBF23-C647-423A-82DC-6448A8E065C6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E17C3F2-1444-4E44-897C-E84F39E68FD4}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{20AEA494-71BC-4614-A77D-F00D521BEB92}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{29694C78-F125-4B68-8B79-F741E5D05344}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{2D5BFCFC-F4A3-47FF-A005-4D67E23C1A53}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2DF7D3D8-E986-4B15-9022-67A4B85E3D7B}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{38042B70-88FB-48DE-A91B-F89EC275E5BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A6D95CB-BF5E-4C3C-B742-1703AE4B0CAD}" = protocol=6 | dir=out | app=system |
"{427123A6-BAB6-4BC5-9B68-47505E1C2D69}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{49585719-A6F3-433C-B24A-E0D5E0EF96A2}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{4D949DBB-C8EE-4348-ACBC-DFD8168C30DE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5372D117-84D9-44B7-983C-7D29E3F3EA30}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{5D41A5F8-03C9-4C2A-97E4-DB909D961AEB}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{673038AB-BCEC-4EC0-ABF5-D5587EDADF4F}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{6CFEA6F5-69E5-45D3-B719-FC2FBB463249}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{72D869C5-8428-4613-B20C-6EA5148CCD53}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{80C66400-96F0-480A-B627-2219A2866B2C}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{8E933375-5210-4D26-9E04-B53F1FF64456}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{9194E423-63FD-4C21-9421-ABF7FA03CB7E}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{A037537F-1754-4364-A80A-A9EF4EE9DBB4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A28FDA0C-0C5A-4E94-92D9-FACEA3F74B42}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{BE360980-41B1-4C13-A419-2DD76A4D55C4}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{BE68E556-F216-4650-8FCD-EBE2BB14C4F0}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{C3F46C1C-91F2-4730-93DF-0DDC204BBE5F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C48AA288-AF00-4385-914A-E61D8478C298}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CCE68DB6-18B1-4D11-9427-A6EBA8155044}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{CE6A6488-2492-4EF6-B049-DF8578F384B6}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{CF9C5AC3-DDD4-4AAF-BCB1-C3400510D050}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{D72DB796-0C34-4CB2-9653-B7BE458FF8B0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D83CE32B-4DA3-41FB-8453-C903077B422C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DEF78DC9-C3A3-4E28-B4D4-B9066ABC8237}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{DF099400-23F8-413C-906D-5AE4DAEF3D11}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E514AFEA-71AF-4CF1-AC2F-D8B0CFCEDBA0}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{E74FAC4A-8977-48E5-B997-51901C7501E7}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{F523EF71-2BC0-4533-AE28-D2E208C1F8E2}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{F651FD7A-E06A-4FEA-8087-4DAB00389CEC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F9AADACF-4DD8-41CF-AD61-EA42A2F7E47C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{DBB32F69-A228-412B-A421-9FD3C1F8C7A7}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{EE437CA8-5491-4DDE-98BF-6ADDB4D8DFD0}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{720E0B41-B68B-4352-B7A1-097282279F2E}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{78051F44-02CD-46D7-9FF1-7427492A09A8}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}" = lingDIALOG
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 22
"{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger
"{2A343604-9872-472A-98EC-43DB53B60AC3}_is1" = Prodi 5.7
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{537575D6-3B96-474C-BD8F-DFF667363DBD}" = Naviextras Toolbox Prerequesities
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{846DDADA-0239-4B67-A6B1-33658863793B}" = HPTCSSetup
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVIConverter" = AVIConverter 5.1.6
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Content Manager 2" = Content Manager 2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Grammatiktrainer 4.0 Spanisch" = Langenscheidt Grammatiktrainer 4.0 Spanisch
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}" = lingDIALOG
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"NVIDIA Drivers" = NVIDIA Drivers
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Secunia PSI" = Secunia PSI (2.0.0.2001)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 21.07.2010 09:55:14 | Computer Name = SiSa-Laptop | Source = VMCService | ID = 0
Description = GetProcessOwner
 
Error - 21.07.2010 12:49:30 | Computer Name = SiSa-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 21.07.2010 12:49:30 | Computer Name = SiSa-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 21.07.2010 12:50:42 | Computer Name = SiSa-Laptop | Source = WinMgmt | ID = 10
Description =
 
Error - 21.07.2010 13:00:16 | Computer Name = SiSa-Laptop | Source = LoadPerf | ID = 3012
Description =
 
Error - 21.07.2010 13:00:17 | Computer Name = SiSa-Laptop | Source = LoadPerf | ID = 3012
Description =
 
Error - 21.07.2010 13:00:17 | Computer Name = SiSa-Laptop | Source = LoadPerf | ID = 3011
Description =
 
Error - 22.07.2010 05:23:33 | Computer Name = SiSa-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 22.07.2010 05:23:33 | Computer Name = SiSa-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 22.07.2010 05:23:34 | Computer Name = SiSa-Laptop | Source = WinMgmt | ID = 10
Description =
 
[ OSession Events ]
Error - 16.05.2009 07:57:02 | Computer Name = SiSa-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2396
 seconds with 1020 seconds of active time.  This session ended with a crash.
 
Error - 20.05.2009 11:15:42 | Computer Name = SiSa-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 225
 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error - 31.05.2009 11:10:18 | Computer Name = SiSa-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4697
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 07.06.2009 15:34:49 | Computer Name = SiSa-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5536
 seconds with 1320 seconds of active time.  This session ended with a crash.
 
Error - 02.08.2009 12:42:34 | Computer Name = SiSa-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2677
 seconds with 2220 seconds of active time.  This session ended with a crash.
 
Error - 17.08.2009 07:48:53 | Computer Name = SiSa-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2751
 seconds with 1020 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 14.03.2011 09:21:31 | Computer Name = SiSa-Laptop | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.36 für die Netzwerkkarte mit der Netzwerkadresse
 00242B969D6B wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 14.03.2011 09:22:58 | Computer Name = SiSa-Laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 14.03.2011 09:35:25 | Computer Name = SiSa-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 14.03.2011 um 14:32:14 unerwartet heruntergefahren.
 
Error - 14.03.2011 09:37:08 | Computer Name = SiSa-Laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 14.03.2011 09:50:16 | Computer Name = SiSa-Laptop | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.36 für die Netzwerkkarte mit der Netzwerkadresse
 00242B969D6B wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 14.03.2011 12:18:07 | Computer Name = SiSa-Laptop | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 00242B969D6B wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 14.03.2011 12:20:54 | Computer Name = SiSa-Laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 14.03.2011 12:25:05 | Computer Name = SiSa-Laptop | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 00242B969D6B wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 14.03.2011 14:41:01 | Computer Name = SiSa-Laptop | Source = Service Control Manager | ID = 7031
Description =
 
Error - 14.03.2011 14:45:17 | Computer Name = SiSa-Laptop | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >


