| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: S.M.A.R.T. Repair & Google Redirect-Trojaner/VirusWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
03.07.2012, 23:21
| #1 |
 |  S.M.A.R.T. Repair & Google Redirect-Trojaner/Virus Hallo allerseits, ich habe ein Problem mit meinem Laptop! Und zwar sind bei mir ganz plötzlich alle Programme abgestürzt und ich bekam jede Menge Fehlermeldungen à la "Teile der Festplatte sind defekt", "Schreib- und Lesefehler in C:\" usw. (den genauen Wortlaut weiß ich leider nicht mehr). Gleichzeitig hat sich das Programm S.M.A.R.T. Repair / Data Revocery geöffnet, einen Systemcheck durchgeführt und sämtliche Fehler gefunden. Daraufhin hab ich mir einige Anleitungen durchgelesen (u.a. in diesem Forum), wie man dieses Programm wieder entfernt. Nach mehreren Neustarts waren dann auch alle Dateien auf meinem Computer wieder sichtbar, jedoch bekam ich nach jedem Neustart eine Meldung von AntiVir, dass sich auf den Laufwerken C:, D: und W: ein Virus befindet (BOO/TDss.O). Mittlerweile bin ich auf avast Antivirus umgestiegen und habe eine Startzeitüberprüfung durchführen lassen. Dabei kam die Meldung "Datei MBR 0 ist infiziert von MBR:Alureon-L [Rtk]". Mir ist außerdem noch aufgefallen, dass ich mitunter auf Websiten wie z.B. haveme.com weitergeleitet werde, wenn ich auf ein Suchergebnis bei Google klicke. Hier sind meine Logs: defogger defogger_disable.log Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:49 on 03/07/2012 (Patrick)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
OTL OTL.txt Code:
ATTFilter OTL logfile created on: 7/3/2012 11:54:56 PM - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Patrick\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.79 Gb Total Physical Memory | 2.47 Gb Available Physical Memory | 65.09% Memory free 7.59 Gb Paging File | 6.17 Gb Available in Paging File | 81.33% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 172.79 Gb Total Space | 103.44 Gb Free Space | 59.86% Space Free | Partition Type: NTFS Drive D: | 113.19 Gb Total Space | 8.45 Gb Free Space | 7.46% Space Free | Partition Type: NTFS Drive W: | 12.00 Gb Total Space | 3.84 Gb Free Space | 31.97% Space Free | Partition Type: NTFS Computer Name: PATRICKS | User Name: Patrick | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/07/03 23:52:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe PRC - [2012/06/28 14:51:53 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012/06/28 14:51:51 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012/06/28 14:51:48 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe PRC - [2012/01/08 10:39:06 | 000,035,328 | ---- | M] (NirSoft) -- C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009/10/01 06:01:32 | 002,320,920 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009/10/01 06:01:30 | 000,268,824 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009/07/10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MSIService.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/06/28 14:51:53 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2012/06/28 14:51:48 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) SRV:64bit: - [2010/01/08 13:34:01 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 03:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr) SRV - [2012/06/18 14:45:03 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/12/16 16:26:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0) SRV - [2011/12/16 16:26:22 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer) SRV - [2011/12/01 21:55:08 | 000,069,632 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Connectify\ConnectifyService.exe -- (Connectify) SRV - [2011/07/29 21:31:40 | 001,249,064 | ---- | M] () [Disabled | Stopped] -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer) SRV - [2011/05/29 04:12:16 | 000,075,136 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010/10/13 20:36:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2009/10/01 06:01:32 | 002,320,920 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009/10/01 06:01:30 | 000,268,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009/07/10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\System Control Manager\MSIService.exe -- (Micro Star SCM) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/07/03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012/07/03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012/07/03 18:21:52 | 000,266,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2) DRV:64bit: - [2012/07/03 18:21:52 | 000,142,128 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswFW.sys -- (aswFW) DRV:64bit: - [2012/07/03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012/07/03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012/07/03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:64bit: - [2012/07/03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012/06/27 22:33:54 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis) DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.) DRV:64bit: - [2012/02/24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV:64bit: - [2012/02/24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV:64bit: - [2012/01/18 14:04:14 | 000,031,344 | ---- | M] (Connectify) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cnnctfy2.sys -- (cnnctfy2) DRV:64bit: - [2011/12/08 06:22:36 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm) DRV:64bit: - [2011/12/08 06:22:36 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM) DRV:64bit: - [2011/12/08 06:22:36 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV:64bit: - [2011/12/08 06:22:36 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl) DRV:64bit: - [2011/12/08 06:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:64bit: - [2011/12/08 06:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) DRV:64bit: - [2011/12/08 06:22:28 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM) DRV:64bit: - [2011/12/08 06:22:28 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:64bit: - [2011/12/08 06:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter) DRV:64bit: - [2011/06/27 02:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/01/04 16:11:16 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/09/02 09:18:46 | 000,021,504 | ---- | M] (Shrew Soft Inc) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt) DRV:64bit: - [2010/09/02 09:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet) DRV:64bit: - [2010/03/04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/02/10 09:01:58 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2010/01/28 04:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010/01/08 13:55:30 | 006,232,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2010/01/08 13:55:30 | 006,232,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010/01/08 12:41:42 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:64bit: - [2010/01/08 12:40:57 | 000,160,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010/01/07 21:51:38 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2009/12/16 04:12:25 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2009/12/05 03:50:22 | 000,087,888 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EUCR6SK.sys -- (EUCR) DRV:64bit: - [2009/09/17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009/08/28 10:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 23:01:14 | 001,227,776 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SmSerl64.sys -- (smserial) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/26 23:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2011/01/04 16:11:16 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2006/07/24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\windows\SysWow64\drivers\StarOpen.sys -- (StarOpen) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F1A148D2-8D6B-4736-91DD-AED78EACF3C8} IE:64bit: - HKLM\..\SearchScopes\{F1A148D2-8D6B-4736-91DD-AED78EACF3C8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {A7172603-AD3C-4D75-B502-E98AC72B540D} IE - HKLM\..\SearchScopes\{A7172603-AD3C-4D75-B502-E98AC72B540D}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msmiq.com/(S(cmjgqi45joflms55soqm2oiq))/default.aspx?language=de-de IE - HKCU\..\SearchScopes,DefaultScope = {A7172603-AD3C-4D75-B502-E98AC72B540D} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Patrick\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/15 04:57:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/03 23:17:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 14:45:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/12 00:32:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/10/28 19:54:16 | 000,000,000 | ---D | M] [2011/02/02 09:53:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Extensions [2011/02/02 09:53:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010/09/17 23:24:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2012/07/03 19:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\55rk036k.default\extensions [2012/05/11 03:31:02 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\55rk036k.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2010/09/18 02:03:30 | 000,000,000 | ---D | M] (SmoothWheel (mozdev.org)) -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\55rk036k.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC} [2012/05/29 00:52:33 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\55rk036k.default\extensions\battlefieldheroespatcher@ea.com [2012/05/18 19:45:48 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\55rk036k.default\extensions\ich@maltegoetz.de [2011/12/19 19:13:47 | 000,000,933 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\11-suche.xml [2011/12/19 19:13:47 | 000,002,419 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\englische-ergebnisse.xml [2012/06/28 22:52:00 | 000,001,018 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\facebook.xml [2011/12/19 19:13:47 | 000,010,525 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\gmx-suche.xml [2011/12/19 19:13:47 | 000,002,457 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\lastminute.xml [2011/12/19 19:13:47 | 000,005,508 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\webde-suche.xml [2011/01/21 18:25:38 | 000,004,140 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\youtube.xml [2012/05/21 15:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012/01/21 00:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2012/03/15 04:57:48 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 [2012/06/26 21:44:09 | 000,626,986 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\{62760FD6-B943-48C9-AB09-F99C6FE96088}.XPI [2012/06/05 01:31:15 | 000,020,995 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\{8A8C1ADA-2504-45C6-A2D2-265591ABBD00}.XPI [2011/10/31 15:41:07 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI [2012/05/19 11:37:06 | 000,697,058 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI [2012/07/03 19:11:28 | 000,045,005 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI [2012/05/04 01:24:33 | 000,363,268 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\CLIENT@ANONYMOX.NET.XPI [2012/03/07 18:57:05 | 000,072,222 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\SKIPSCREEN@SKIPSCREEN.XPI [2012/06/18 14:45:04 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/03/08 13:06:20 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011/08/31 12:38:58 | 000,082,944 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll [2012/03/11 18:35:28 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/03/11 18:35:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/03/11 18:35:28 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012/03/11 18:35:28 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012/03/11 18:35:28 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012/03/11 18:35:28 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011/10/14 02:43:20 | 000,437,925 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 15060 more lines... O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [$Volumouse$] C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe (NirSoft) O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software) O4 - HKLM..\RunOnce: [aswasOutExt.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software) O4 - HKLM..\RunOnce: [aswasOutExt64.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe (AVAST Software) O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.10 192.168.1.130 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE079886-8D4C-4805-9951-B9B08F64DE77}: NameServer = 192.168.1.10 192.168.1.130 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8573EAE-4D38-4DC9-844F-192F0435BB95}: DhcpNameServer = 192.168.1.10 192.168.1.130 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"1031" /heur:80 /RA:ask /pup /archives /IA:0 /KBD:2 /wow /dir:"C:\Program Files\AVAST Software\Avast") O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/07/03 23:52:46 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe [2012/07/03 19:44:16 | 000,142,128 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFW.sys [2012/07/03 19:44:06 | 000,266,776 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswNdis2.sys [2012/07/03 19:44:05 | 000,019,600 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswKbd.sys [2012/07/03 19:44:05 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\windows\SysNative\drivers\aswNdis.sys [2012/07/03 19:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security [2012/07/03 19:16:24 | 000,355,856 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys [2012/07/03 19:16:24 | 000,025,232 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys [2012/07/03 19:16:18 | 000,059,728 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys [2012/07/03 19:16:18 | 000,054,072 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys [2012/07/03 19:16:17 | 000,958,400 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys [2012/07/03 19:16:16 | 000,285,328 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe [2012/07/03 19:16:16 | 000,071,064 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys [2012/07/03 19:15:51 | 000,041,224 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr [2012/07/03 19:15:50 | 000,227,648 | ---- | C] (AVAST Software) -- C:\windows\SysWow64\aswBoot.exe [2012/07/03 19:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012/07/03 19:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012/07/03 04:14:57 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Malwarebytes [2012/07/03 04:14:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/07/03 04:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/07/03 01:30:14 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery [2012/07/01 23:48:34 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Spotify [2012/07/01 23:48:22 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Spotify [2012/06/27 08:18:13 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Desktop\Simple_Plan-Get_Your_Heart_On-(CN_Retail)-2012-iUKoO [2012/06/23 14:47:32 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Macromedia [2012/06/20 18:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012/06/12 04:53:05 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Desktop\Mash-Up Your Bootz Party [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/07/03 23:56:05 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012/07/03 23:52:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe [2012/07/03 23:49:35 | 000,000,000 | ---- | M] () -- C:\Users\Patrick\defogger_reenable [2012/07/03 23:29:20 | 000,050,477 | ---- | M] () -- C:\Users\Patrick\Desktop\Defogger.exe [2012/07/03 23:24:28 | 000,017,376 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/03 23:24:28 | 000,017,376 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/03 23:17:08 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt [2012/07/03 22:31:07 | 000,000,936 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1234592865-2256707453-3612337758-1000UA.job [2012/07/03 22:30:34 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012/07/03 22:30:02 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012/07/03 22:29:58 | 3055,697,920 | -HS- | M] () -- C:\hiberfil.sys [2012/07/03 19:31:40 | 000,001,932 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2012/07/03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys [2012/07/03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys [2012/07/03 18:21:52 | 000,266,776 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswNdis2.sys [2012/07/03 18:21:52 | 000,142,128 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFW.sys [2012/07/03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys [2012/07/03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys [2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys [2012/07/03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswKbd.sys [2012/07/03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys [2012/07/03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr [2012/07/03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\windows\SysWow64\aswBoot.exe [2012/07/03 18:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe [2012/07/03 01:31:17 | 000,000,914 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1234592865-2256707453-3612337758-1000Core.job [2012/07/02 22:34:25 | 000,225,759 | ---- | M] () -- C:\Users\Patrick\Desktop\Reportff833bee-0091-4eb3-85ae-652f6fb55562.pdf [2012/06/28 03:04:34 | 000,020,165 | ---- | M] () -- C:\Users\Patrick\Desktop\Klausurtermine_Technik_SS_12_Stand_180612.pdf [2012/06/27 22:33:54 | 000,012,368 | ---- | M] (ALWIL Software) -- C:\windows\SysNative\drivers\aswNdis.sys [2012/06/27 04:35:10 | 000,654,400 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2012/06/27 04:35:10 | 000,616,242 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012/06/27 04:35:10 | 000,130,240 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2012/06/27 04:35:10 | 000,106,622 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012/06/27 04:35:09 | 001,498,742 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2012/06/27 03:14:17 | 000,011,751 | ---- | M] () -- C:\Users\Patrick\Documents\Zulassungsantrag.pdf [2012/06/21 05:06:35 | 000,921,126 | ---- | M] () -- C:\Users\Patrick\Desktop\abc.png [2012/06/15 12:31:47 | 000,001,063 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012/06/15 12:24:26 | 002,267,328 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2012/06/14 02:04:47 | 408,258,604 | ---- | M] () -- C:\Users\Patrick\Desktop\Video_MFS_I.wmv [2012/06/12 03:55:27 | 008,938,527 | ---- | M] () -- C:\Users\Patrick\Desktop\Mashup-Germany - Brave new world.mp3 [2012/06/10 19:50:00 | 001,768,169 | ---- | M] () -- C:\Users\Patrick\Desktop\20120610_194959.jpg [2012/06/10 19:40:36 | 001,582,290 | ---- | M] () -- C:\Users\Patrick\Desktop\20120610_194036.jpg [2012/06/05 02:02:38 | 000,007,606 | ---- | M] () -- C:\Users\Patrick\AppData\Local\resmon.resmoncfg [2012/06/05 01:32:56 | 000,001,524 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk [2012/06/04 15:50:11 | 277,480,778 | ---- | M] () -- C:\Users\Patrick\Desktop\Mashup-Germany - BACK TO THE FUTURE PROMO MIX.mp3 [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/07/03 23:49:35 | 000,000,000 | ---- | C] () -- C:\Users\Patrick\defogger_reenable [2012/07/03 23:29:21 | 000,050,477 | ---- | C] () -- C:\Users\Patrick\Desktop\Defogger.exe [2012/07/03 19:31:40 | 000,001,932 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2012/07/03 19:16:16 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\config.nt [2012/07/02 22:34:25 | 000,225,759 | ---- | C] () -- C:\Users\Patrick\Desktop\Reportff833bee-0091-4eb3-85ae-652f6fb55562.pdf [2012/07/01 23:48:34 | 000,001,813 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2012/06/28 03:04:33 | 000,020,165 | ---- | C] () -- C:\Users\Patrick\Desktop\Klausurtermine_Technik_SS_12_Stand_180612.pdf [2012/06/27 03:14:17 | 000,011,751 | ---- | C] () -- C:\Users\Patrick\Documents\Zulassungsantrag.pdf [2012/06/21 05:06:30 | 000,921,126 | ---- | C] () -- C:\Users\Patrick\Desktop\abc.png [2012/06/21 03:57:29 | 001,582,290 | ---- | C] () -- C:\Users\Patrick\Desktop\20120610_194036.jpg [2012/06/21 03:57:28 | 001,768,169 | ---- | C] () -- C:\Users\Patrick\Desktop\20120610_194959.jpg [2012/06/15 12:31:42 | 000,001,063 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012/06/14 02:03:01 | 408,258,604 | ---- | C] () -- C:\Users\Patrick\Desktop\Video_MFS_I.wmv [2012/06/12 03:55:22 | 008,938,527 | ---- | C] () -- C:\Users\Patrick\Desktop\Mashup-Germany - Brave new world.mp3 [2012/06/05 01:32:15 | 000,001,524 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk [2012/06/04 15:48:53 | 277,480,778 | ---- | C] () -- C:\Users\Patrick\Desktop\Mashup-Germany - BACK TO THE FUTURE PROMO MIX.mp3 [2012/03/26 00:01:08 | 000,000,000 | ---- | C] () -- C:\ProgramData\svcdotnet.inc [2012/03/22 19:06:39 | 000,000,012 | ---- | C] () -- C:\ProgramData\svcdotnet.cfg [2012/01/21 18:43:03 | 000,000,000 | ---- | C] () -- C:\Users\Patrick\AppData\Local\{61060088-DC20-4A8A-A017-10DBA0868E3D} [2011/12/13 20:59:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2011/12/13 20:56:04 | 000,005,632 | ---- | C] () -- C:\windows\SysWow64\drivers\StarOpen.sys [2011/06/25 09:47:25 | 000,554,496 | ---- | C] () -- C:\windows\SysWow64\dvmsg.dll [2011/05/29 04:12:18 | 000,270,240 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe [2011/05/29 04:12:16 | 000,075,136 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe [2011/02/02 09:53:00 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat [2011/01/04 16:10:58 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe [2011/01/04 16:10:56 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll [2011/01/04 16:10:56 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll [2011/01/04 16:10:56 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll [2011/01/04 16:10:56 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll [2010/12/08 16:10:07 | 000,110,592 | ---- | C] () -- C:\windows\SysWow64\mlfcache.dat [2010/12/01 02:07:30 | 000,000,091 | ---- | C] () -- C:\windows\wininit.ini [2010/11/24 17:28:27 | 000,003,584 | ---- | C] () -- C:\Users\Patrick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/09/18 00:43:34 | 000,000,056 | ---- | C] () -- C:\windows\SysWow64\ezsidmv.dat [2010/09/17 21:52:28 | 000,007,606 | ---- | C] () -- C:\Users\Patrick\AppData\Local\resmon.resmoncfg [2010/09/15 19:25:17 | 000,000,000 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\wklnhst.dat ========== LOP Check ========== [2012/07/03 18:57:48 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Amazon [2012/03/13 17:53:03 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\avidemux [2010/10/11 12:00:23 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Canon [2011/07/01 11:08:16 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Dev-Cpp [2012/07/03 22:32:50 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Dropbox [2010/12/27 15:30:48 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\FRITZ! [2012/05/07 02:39:03 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\ICQ [2011/06/18 06:46:18 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\IrfanView [2011/12/14 02:52:05 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Jumping Bytes [2011/03/27 16:21:37 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Leadertech [2012/07/03 18:59:53 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Mobile Master [2011/04/19 14:18:50 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\ROUTE 66 Sync [2012/02/03 03:16:03 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Samsung [2012/07/03 02:53:03 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Spotify [2011/12/02 18:11:42 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\SumatraPDF [2012/05/21 14:54:21 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Systweak [2012/04/10 00:19:44 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Temp [2011/02/02 09:52:59 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Thunderbird [2011/07/16 01:21:28 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Tobit [2011/12/04 19:05:32 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TS3Client [2012/07/03 01:31:17 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1234592865-2256707453-3612337758-1000Core.job [2012/07/03 22:31:07 | 000,000,936 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1234592865-2256707453-3612337758-1000UA.job [2012/05/27 00:41:51 | 000,032,640 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 7/3/2012 11:54:56 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Patrick\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.79 Gb Total Physical Memory | 2.47 Gb Available Physical Memory | 65.09% Memory free
7.59 Gb Paging File | 6.17 Gb Available in Paging File | 81.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172.79 Gb Total Space | 103.44 Gb Free Space | 59.86% Space Free | Partition Type: NTFS
Drive D: | 113.19 Gb Total Space | 8.45 Gb Free Space | 7.46% Space Free | Partition Type: NTFS
Drive W: | 12.00 Gb Total Space | 3.84 Gb Free Space | 31.97% Space Free | Partition Type: NTFS
Computer Name: PATRICKS | User Name: Patrick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F95954E-5A28-49F5-BC89-2350789D54D8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2258A3F6-8D3D-4926-9D6C-39D60C0E3B1F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{27E62B77-5E5C-428D-BA86-DBAF2C7EA0AD}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{32012793-B903-434D-A472-B14120D86321}" = lport=2869 | protocol=6 | dir=in | app=system |
"{38F3F51A-F3C7-4FB5-B46E-0CCBBBE47A60}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{40994B19-2AFC-4D10-8D54-79A6094CC409}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{40C74C30-0EE6-403F-AFFD-2B7BBDBC35F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{40F2A0D5-4DDD-436B-A70D-CEA212B5A410}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{42B1F363-A074-43AC-AF1A-13FDD64CF7D7}" = rport=2869 | protocol=6 | dir=out | app=system |
"{45156B6E-361A-44DB-A0A0-D36372AC3CC8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{45628868-B2E7-427E-ACCB-B144D7814E76}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F30DD4E-5567-4728-8328-25D545C7B8E8}" = lport=1317 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{5EADCC62-DDD5-4690-8262-29D06F24B3DE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F808B67-10D3-4FD8-9E15-FE3AB3A4238C}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{642D49FA-22CF-438D-977F-63C7DBF17333}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{77E4ED91-466B-4BE4-A7AC-7FDBCC826F3B}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{785C1319-E93F-484E-BAFF-94F466BFB856}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7A874133-A79E-4B29-B324-1F8431BAF464}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8A9F68FF-F2FB-4AB8-B53B-A3F94E5934CD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{916DC5A5-19AF-4379-8A6E-28B3391504F3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9BF2C326-CD36-478A-9614-A391525EB6CD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A96CA2E8-4C50-4969-916B-63A3D61D546A}" = lport=1303 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{B04A8B7A-6B26-4DB6-A4F5-922FF412B6B0}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{B1410378-B77E-4CCC-B4FA-D7ABCB193158}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B6049468-539C-40E6-8F9B-CF46460315F2}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{B72A21AB-3742-4A0C-880B-228C8CDC00F7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B9D79949-E6E4-4003-831F-6771370A233E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BC4EA1F0-C587-4DCE-820C-0F1385391853}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C805B6FB-F203-406E-B6ED-680E2EF13953}" = lport=68 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{D53F8EEE-14AB-4BAF-97F3-3A8B855E82C8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D8A596E2-BE21-4158-A1E4-C768FABD3B98}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FD305BFB-4F83-4409-9956-D10269704312}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040AFA5E-91EF-4D15-8BEF-0EA5CD3ACDD5}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{06784D33-3824-487C-B2E6-509870E983C8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0E5DF8F8-6B00-4663-AD1F-E3B2FDA38F24}" = dir=in | app=c:\programdata\tversity\media server\mediaserver.exe |
"{12D252BB-D561-43F6-A339-608631ABFBF7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{183E5EE4-E8FD-48E0-B23B-370B79824710}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1C818C7E-DE18-4005-BEBA-0CB6710FA470}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1D02DEC2-D1D0-4EC1-A17F-3324643975D0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{254AE622-F809-4A40-AAE9-466044B6032B}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{2A9ACE52-7C08-4211-A746-E7B810B73E1C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{2CF0B08D-75BE-49EF-AD6F-EED025FA0E55}" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"{31771D89-5FDB-4DA1-A328-3535DC542D14}" = protocol=6 | dir=in | app=c:\program files (x86)\phoner\phoner.exe |
"{3C083D36-D88C-4DD2-A4E1-034231281FDA}" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"{40569683-8A10-4BC9-AA42-2EF1D0E80B13}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{42059D30-25EC-4608-90D9-82E5E2E07835}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{43B572BE-9CA4-444B-9888-A9E3B757ED0B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4700C536-4022-49AD-A667-F47687CB76D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{494B3F4D-4AAC-497D-81B2-7A32AB8A5817}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{4BB5E217-5B68-4196-803A-36F38CEEB7BA}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{505B0D36-79BD-4C72-9A3D-678C9C4E099F}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{52419412-0F3F-4C24-AC94-EF9505251245}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53C937CF-C6BC-42B5-8469-417B3508A097}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{54BBDEDD-441E-45DB-9712-C01300385787}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{581942BE-B789-4513-9E66-604A3B432038}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{593416DE-E7FA-49B6-A191-60E47A0DC8DC}" = dir=out | app=c:\windows\system32\svchost.exe |
"{5E61029C-8A4D-4E1D-ACD8-7B22A073E419}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{64642D57-F49C-45C6-8937-93C2FFFBE898}" = protocol=6 | dir=in | app=c:\spiele\ea sports\fifa 12\game\fifa.exe |
"{69E0B37F-75E7-4B45-B541-D581BE671620}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6ED263DA-8211-4C8A-B1E9-303C53D99FEC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{70E8F109-8441-4E18-B06B-D2F810671BBE}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{729DCAB6-D4B3-4CCC-B802-221ABBECC7A9}" = protocol=17 | dir=in | app=c:\program files (x86)\phoner\phoner.exe |
"{742A5ED9-1078-461A-A85B-E7F221E35ECF}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{764E0312-9C09-4072-A3CB-8726FBED6A1F}" = protocol=6 | dir=in | app=c:\users\patrick\appdata\roaming\spotify\spotify.exe |
"{76996AF6-3079-497F-8C0C-66CCD5F46CC7}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{7775D4A1-A4A7-4D8B-9FF9-793BA3B7DE6A}" = protocol=6 | dir=in | app=c:\users\patrick\appdata\roaming\dropbox\bin\dropbox.exe |
"{80CE7F12-3F56-4176-8C33-3D9C96756008}" = protocol=17 | dir=in | app=c:\users\patrick\appdata\roaming\dropbox\bin\dropbox.exe |
"{83A31069-9841-4EB0-895E-AF9D29C8F70E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8544D0C1-2C9E-42D8-8414-BCC32F63BE26}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{87ED0B6D-B2A9-4544-8835-E25CA9EB1065}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8ACBF5C3-C19E-462B-9F97-F77F47B4C396}" = protocol=6 | dir=out | app=system |
"{90F7E6BE-E671-462B-9182-0EBC841FF6B0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{921561DE-C7B5-4E4E-B181-BA074B610FFB}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{946DC4F3-2654-47C8-AE48-22F0041DA1D2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{9B08F6E7-B76F-4C4D-89CD-0ABACAE9EE91}" = protocol=6 | dir=in | app=c:\users\patrick\appdata\roaming\dropbox\bin\dropbox.exe |
"{9E9E41B6-6B95-4ED2-A8D0-3AE082715A30}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A0046EAE-0B30-4216-9C90-BE86A5793D14}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{A11EFC29-2721-4D4E-8E55-A3A9548DDE62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A5E39896-138A-44EC-835D-5952649DDC4B}" = protocol=17 | dir=in | app=c:\users\patrick\appdata\roaming\spotify\spotify.exe |
"{A83AB83B-0CC7-4596-B851-3FA17232E7A2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A91C62F1-50A3-4F9D-B8FD-F21AE4EEDC02}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{AA496294-1B59-4885-8010-75AA8D981E3C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B0A97DA0-A29B-4168-8070-003C158CC3A7}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{BB52DAEF-C098-4F9F-922B-CD3F52064135}" = protocol=17 | dir=in | app=c:\users\patrick\appdata\roaming\dropbox\bin\dropbox.exe |
"{C012925E-FCDD-4248-8A09-09A6A5FBB72E}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{C1269B1F-4653-41CA-BDF0-76D6725D4426}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{C296E607-7803-4F3E-A753-D6DDCBB068D3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C4F795CF-AE88-466B-80CD-92EE41EC261B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C51AA26E-865C-41E4-B262-E465221446E5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C558AA1A-BBCA-4DE8-BC25-36F6F3336949}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{C8679FD4-B64D-4BAA-AD17-CEC13EC8EAAF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C927B300-6C72-4E14-BD44-46502A504867}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CA387D85-9449-4861-9855-33461C54D74E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CCF7E5EC-8B97-4DF1-A739-839EF4A3A857}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CD5DDBA5-8006-408C-A02D-C2E6B2EF6502}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CEB94370-0021-496E-8B26-8498FB2B690D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D0A141A6-1C78-43B6-B707-79DCDCD3BF02}" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"{D4684870-1D6E-4B96-8389-17E142C66C58}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D5A374CB-C670-4BD5-9B96-6DB32D93CA0D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D95C10C2-B238-4897-98EC-F9E3D5F48538}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCBE78B8-8E99-4CFC-8199-44E7D45E774D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DF07891F-A506-4DC2-BAE8-10305C82EA2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E2234F3B-CA5A-4030-A3D4-CD0DFAE360A7}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{E4E79D17-0CFC-449C-96CD-E5EC26BD7A3F}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{E8CBC97C-1550-4412-B28E-2E86A8F7A3F8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{EA96B202-3BFA-4FAF-B8E7-56615717E727}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB4C8D38-900F-4AA2-A172-F33BA8576C30}" = protocol=17 | dir=in | app=c:\spiele\ea sports\fifa 12\game\fifa.exe |
"{EE4E6687-457F-4D3F-B315-4DDDC88F1681}" = dir=in | app=c:\users\patrick\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{F34490C5-B8B3-46A7-AE58-5B3336EBD8F7}" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"{F5FD63E9-2347-4944-987E-D2CF63FEA90C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F83A81C7-E524-4992-A4F6-CFCEB92EFFD5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{03A9AFD1-CA45-4D4A-9ADE-0B94D3EC9943}C:\spiele\ea sports\fifa 11 demo\game\fifa.exe" = protocol=6 | dir=in | app=c:\spiele\ea sports\fifa 11 demo\game\fifa.exe |
"TCP Query User{03EEFC47-1E37-4A12-83D1-9645E8DEFA27}C:\program files (x86)\phoner\phoner.exe" = protocol=6 | dir=in | app=c:\program files (x86)\phoner\phoner.exe |
"TCP Query User{04622A22-F5CC-40A4-9BCB-0DF791A75F91}C:\spiele\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\spiele\ea sports\fifa 11\game\fifa.exe |
"TCP Query User{12E4986E-6089-4AEC-9ABC-CBCF2639B8D4}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{1DF90C7E-6CDF-4163-9025-CBFB6056AC74}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{2ED775BF-A5F7-4018-9679-F268F0FA5475}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe |
"TCP Query User{2FFE6613-7772-4A22-8BB6-E3682AAEC5C8}C:\spiele\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\spiele\tmnationsforever\tmforever.exe |
"TCP Query User{42FA406C-AAF2-498A-9DFE-96CA78E3BEA9}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{5E97DC46-BEB6-4AB4-BFD9-4E687E9AD64E}C:\program files (x86)\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"TCP Query User{7D57DB70-C9AB-498C-B97D-EFDA47D681E9}C:\program files (x86)\fritz!dsl\fritzdsl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!dsl\fritzdsl.exe |
"TCP Query User{82BBC8B8-109F-442E-B5C4-832DB6ED7B4F}C:\program files (x86)\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"TCP Query User{899E46D0-1759-45E1-90F3-86316716BB43}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{92445DF0-EB79-4D49-8494-597412E8670A}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{B3015727-66B0-46C7-BAFA-6A5089CE833D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{BF55D25E-7E4E-4A82-BFA2-11D535CEA39B}C:\users\patrick\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\patrick\appdata\roaming\spotify\spotify.exe |
"TCP Query User{C5917837-099A-4BD7-AD14-A9817489FF80}C:\program files (x86)\route 66\route 66 sync\route66sync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\route66sync.exe |
"TCP Query User{C99A21DF-9DFC-424F-B84E-18CA10E3CB85}C:\program files (x86)\route 66\route 66 sync\sync9loader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\sync9loader.exe |
"UDP Query User{060D5D71-A37E-4BF7-B11A-6A8A89B70A9A}C:\program files (x86)\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"UDP Query User{16B7D19D-2B3A-4E2C-80F0-B6F13A420871}C:\program files (x86)\route 66\route 66 sync\route66sync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\route66sync.exe |
"UDP Query User{1E80B157-0A93-4FCF-AC90-BF10C249BB1D}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe |
"UDP Query User{2995AF03-3AA8-4D3A-990C-D43F74072CF2}C:\program files (x86)\fritz!dsl\fritzdsl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!dsl\fritzdsl.exe |
"UDP Query User{2B7612FE-9D65-49FC-9C71-D06AFB8CF6DB}C:\program files (x86)\phoner\phoner.exe" = protocol=17 | dir=in | app=c:\program files (x86)\phoner\phoner.exe |
"UDP Query User{3BA9C4EC-3AED-45E0-9785-83C3BBE48E44}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{44D180DF-9960-4C37-85FC-A394DAE34D37}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{918A09AD-1239-4BD2-8994-CDC6E32BD4A9}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{9FD53F91-DC0A-4101-94E5-23E1A3CE64C8}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{B7598F0E-FD70-4CA9-99CA-3F8A46B9F864}C:\spiele\ea sports\fifa 11 demo\game\fifa.exe" = protocol=17 | dir=in | app=c:\spiele\ea sports\fifa 11 demo\game\fifa.exe |
"UDP Query User{BFA27188-4C98-4851-A3E2-89F8A754E553}C:\spiele\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\spiele\tmnationsforever\tmforever.exe |
"UDP Query User{D8ED2EEE-80D7-4046-8BB3-CFC579823C38}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{DBBE0797-8BC7-4E05-8486-CB1B69C3271B}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{E1299DC7-D555-40BA-8CD5-5DE6D18C8222}C:\users\patrick\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\patrick\appdata\roaming\spotify\spotify.exe |
"UDP Query User{F343A8BB-7583-49C6-AE0C-6E698B1C2ACE}C:\program files (x86)\route 66\route 66 sync\sync9loader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\sync9loader.exe |
"UDP Query User{F84EC18F-74F1-406E-8775-189E9E2A0E30}C:\spiele\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\spiele\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{F9A44067-33D9-4D42-9472-470E948AC309}C:\program files (x86)\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2905D974-FADA-0FB1-7EB5-9427ED6F7A9E}" = ATI Catalyst Install Manager
"{2AAA4D8F-225B-C276-16A5-864DF9734D86}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007
"{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"7F973C87231D745EBF31E772CC38BB9B185D3819" = Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64)
"Connectify" = Connectify
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = msi Software Install
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C26A812-7DF7-BFA0-1D34-43D238037F61}" = CCC Help Chinese Traditional
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{230EECD6-C4EE-5F4B-69D1-17AAAC75A54A}" = Catalyst Control Center Core Implementation
"{24762012-C6C8-4AAD-A02D-71A009FA1683}" = Adobe Flash Player 10 ActiveX
"{25478065-4CB1-448C-80E4-8C4529017EE3}" = ArcSoft WebCam Companion 3
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BCA1AE7-5643-515F-D0DF-CFFD9020593E}" = Catalyst Control Center Graphics Full New
"{30884ACA-08CD-6523-075F-04D218DDB79C}" = Catalyst Control Center Localization All
"{349BCF52-CFD0-42E9-5BC6-CAE57588D71E}" = CCC Help Czech
"{3738545D-C7BF-7E5D-ED5B-53FE01C966AA}" = CCC Help Danish
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3AC7D217-D49D-AF05-DC3E-0F05F91EA746}" = ccc-core-static
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E76E61B-150E-AFDB-C841-C12016986170}" = CCC Help French
"{3EDD63B9-5A19-2182-63AE-BF79BA637F85}" = Catalyst Control Center Graphics Light
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4877FA7F-687F-947C-5983-5B40E492A7C7}" = CCC Help Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{521C9534-FE23-7DFD-82F7-F6E6CB3F8ACA}" = CCC Help Polish
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{56BB8142-1794-0F23-6FE4-963F119D2083}" = Catalyst Control Center Graphics Full Existing
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print Creations - Poster Creator
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6152EB38-DBA1-8B60-5E64-5D4115576599}" = CCC Help Norwegian
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6EAE176F-51F5-7F9A-7F7E-BC921531D796}" = CCC Help Japanese
"{6ECF91F0-002A-14F7-331C-3798C975B976}" = CCC Help German
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C25C80B-7F10-E662-6926-2A939761F5C8}" = Catalyst Control Center Graphics Previews Vista
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89202060-93AB-672C-477D-E8DEF46E8103}" = CCC Help Greek
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D73BCB1-DD24-816B-BF13-EA08DDF48D7C}" = Catalyst Control Center InstallProxy
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8E90189A-A5D4-4C0E-A908-06C4236F98EE}" = ArcSoft Magic-i Visual Effects 2
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-042D-0000-0000000FF1CE}_HOMESTUDENTR_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0456-0000-0000000FF1CE}_HOMESTUDENTR_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0410-1000-0000000FF1CE}_HOMESTUDENTR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0C0A-1000-0000000FF1CE}_HOMESTUDENTR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_HOMESTUDENTR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{99750819-BDCB-7E89-E1B5-3A9C7D731BF5}" = CCC Help Italian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A310F46C-7E91-7CDD-1421-1AE260CE12EB}" = CCC Help Russian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA659DC5-F577-4364-903D-20C16DD4BDB3}" = Catalyst Control Center - Branding
"{BB9994D6-E795-6CC9-5CB2-D695FB21A746}" = PX Profile Update
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE1A2C04-6F14-4A16-B290-003769418AD9}" = ROUTE 66 Sync
"{BF54932F-23F6-3A4E-60EA-7AFF366CA8B8}" = CCC Help Hungarian
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5D7039E-0803-4FE8-976D-156DE1147E4F}" = ArcSoft Print Creations
"{C61DCDF8-D186-4386-F594-8E7A68D2D32D}" = CCC Help Spanish
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C6CD710D-1923-B80F-65C2-138DBDE28BC9}" = CCC Help Korean
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2C67402-46F1-4A17-5319-937E8A62F43D}" = CCC Help Chinese Standard
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E067DFD3-10DE-7D9B-24A0-CA55943AC43C}" = CCC Help Dutch
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1213853-C66B-B2A9-6AB4-34EC78702F1B}" = CCC Help Finnish
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E797EB9D-9E94-9136-B02D-8187E25FED44}" = CCC Help Thai
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F42B419C-78BD-024D-6617-27F09E22A1CF}" = CCC Help Portuguese
"{F5BCB227-3314-7F4B-19A3-9238615380F6}" = CCC Help English
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F932C96E-5C6C-20E8-EBAF-1DA5819EF0D1}" = CCC Help Swedish
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"avast" = avast! Internet Security
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"bwin Poker JPC_is1" = bwin Poker JPC 1.0.0
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Setup" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"FKL 4" = Family Keylogger v4.88 (remove only)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{BE1A2C04-6F14-4A16-B290-003769418AD9}" = ROUTE 66 Sync
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"New C Series Screensaver" = New C Series Screensaver
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"SumatraPDF" = SumatraPDF
"TmNationsForever_is1" = TmNationsForever
"TVersity Codec Pack" = TVersity Codec Pack 1.7
"TVersity Media Server" = TVersity Media Server 1.9.7
"VLC media player" = VLC media player 2.0.1
"Volumouse" = NirSoft Volumouse
"vShare.tv plugin" = vShare.tv plugin 1.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Patrick)
"CodeBlocks" = CodeBlocks
"Dropbox" = Dropbox
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/10/2012 10:10:30 AM | Computer Name = PatrickS | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
pack\search helper\searchhelper.dll" in Zeile 2. Ungültige XML-Syntax.
Error - 6/17/2012 1:08:00 PM | Computer Name = PatrickS | Source = Google Update | ID = 20
Description =
Error - 6/18/2012 8:43:39 AM | Computer Name = PatrickS | Source = Google Update | ID = 20
Description =
Error - 6/19/2012 10:22:06 AM | Computer Name = PatrickS | Source = Google Update | ID = 20
Description =
Error - 6/19/2012 12:05:15 PM | Computer Name = PatrickS | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 6/19/2012 12:07:51 PM | Computer Name = PatrickS | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
pack\search helper\searchhelper.dll" in Zeile 2. Ungültige XML-Syntax.
Error - 6/20/2012 9:38:45 AM | Computer Name = PatrickS | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: APSDaemon.exe, Version: 2.1.19.1,
Zeitstempel: 0x4f3a19cc Name des fehlerhaften Moduls: APSDaemon_main.dll, Version:
2.1.19.1, Zeitstempel: 0x4f3de559 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000082f0
ID
des fehlerhaften Prozesses: 0xfa0 Startzeit der fehlerhaften Anwendung: 0x01cd4d9d4a6fc4a6
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Apple\Apple Application
Support\APSDaemon.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common
Files\Apple\Apple Application Support\APSDaemon_main.dll Berichtskennung: 4147d00b-badd-11e1-81e9-fc78a10dc9d3
Error - 6/22/2012 12:02:56 PM | Computer Name = PatrickS | Source = Google Update | ID = 20
Description =
Error - 6/24/2012 10:30:14 AM | Computer Name = PatrickS | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 6/24/2012 10:32:31 AM | Computer Name = PatrickS | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
pack\search helper\searchhelper.dll" in Zeile 2. Ungültige XML-Syntax.
[ Cisco AnyConnect VPN Client Events ]
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: CTransportWinInet::SendRequest File: .\CTransportWinInet.cpp
Line:
1313 Invoked Function: CTransportWinInet::SendRequest Return Code: 12002 (0x00002EE2)
Description:
Das Zeitlimit für den Vorgang wurde erreicht.
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectIfc::connect File: .\ConnectIfc.cpp Line: 349 Invoked
Function: CTransport::SendRequest Return Code: -29949906 (0xFE37002E) Description:
CTRANSPORT_ERROR_TIMEOUT
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectIfc::TranslateStatusCode File: .\ConnectIfc.cpp Line:
2703 Invoked Function: ConnectIfc::TranslateStatusCode Return Code: -29949906 (0xFE37002E)
Description:
timeout
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectMgr::connect File: .\ConnectMgr.cpp Line: 989 Invoked
Function: ConnectIfc::connect Return Code: -29949906 (0xFE37002E) Description: CTRANSPORT_ERROR_TIMEOUT
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectMgr::processIfcData File: .\ConnectMgr.cpp Line: 1208
Invoked
Function: ConnectMgr :: processIfcData Return Code: -33554423 (0xFE000009) Description:
GLOBAL_ERROR_UNEXPECTED Unrecognized content type (Unknown) received.
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectMgr::processIfcData File: .\ConnectMgr.cpp Line: 1234
Invoked
Function: ConnectMgr :: processIfcData Return Code: -33554423 (0xFE000009) Description:
GLOBAL_ERROR_UNEXPECTED Unable to process response from tserver1.rheinahrcampus.de.
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectMgr::processIfcData File: .\ConnectMgr.cpp Line: 1315
Invoked
Function: ConnectMgr::processIfcData Return Code: -33554423 (0xFE000009) Description:
GLOBAL_ERROR_UNEXPECTED Unable to contact tserver1.rheinahrcampus.de.
Error - 10/12/2010 8:07:39 AM | Computer Name = PatrickS | Source = vpnagent | ID = 67110873
Description = Termination reason code 7: The agent has been stopped.
Error - 10/12/2010 8:07:39 AM | Computer Name = PatrickS | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::getDownloaderMessage File: .\MainThread.cpp Line:
964 Invoked Function: CVpnMgr::processEvents Return Code: 0 (0x00000000) Description:
fatal error, stopping service
Error - 10/12/2010 8:07:39 AM | Computer Name = PatrickS | Source = vpnagent | ID = 67108866
Description = Function: service_main_NT File: .\Agent.cpp Line: 674 Invoked Function:
WaitForSingleObject Return Code: 6 (0x00000006) Description: Das Handle ist ungültig.
[ System Events ]
Error - 7/3/2012 3:09:19 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen vflt
Error - 7/3/2012 3:11:24 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "MBAMProtector" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 7/3/2012 3:11:24 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7001
Description = Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%2
Error - 7/3/2012 4:30:02 PM | Computer Name = PatrickS | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?03.?07.?2012 um 21:22:02 unerwartet heruntergefahren.
Error - 7/3/2012 4:29:54 PM | Computer Name = PatrickS | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 7/3/2012 4:30:11 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen vflt
Error - 7/3/2012 4:32:27 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "MBAMProtector" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 7/3/2012 4:32:27 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7001
Description = Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%2
Error - 7/3/2012 4:32:31 PM | Computer Name = PatrickS | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{DE079886-8D4C-4805-9951-B9B08F64DE77} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 7/3/2012 4:32:39 PM | Computer Name = PatrickS | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{DE079886-8D4C-4805-9951-B9B08F64DE77} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
< End of report >
|
| Themen zu S.M.A.R.T. Repair & Google Redirect-Trojaner/Virus |
| antivir, avast antivirus, bonjour, browser, computer, danke für eure hilfe!, device driver, error, fatal error, festplatte, firefox, firefox 13.0.1, flash player, google, google earth, home, iexplore.exe, igdpmd64.sys, install.exe, lesefehler, limewire, limited.com/facebook, microsoft office word, office 2007, plug-in, popup, problem, richtlinie, rootkit.tdss, rootkit.tdss.64, searchscopes, software, svchost.exe, windows |
Baum-Darstellung