| |
| |||||||
Log-Analyse und Auswertung: Trojan.FakeMS und KillProc.AWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
27.07.2012, 10:21
| #1 |
 |  Trojan.FakeMS und KillProc.A Hallo liebe Forum Mitglieder. Ich habe mich gerade registriert, da ich Hilfe zu dem o.g. Trojaner (?) benötige. Wie kann ich vorgehen? Antivir hat sich heute erstmals gemeldet. Nach dem Scan mit eset wurden noch diverse andere Probleme gefunden. Wenn ich diese Dateien mit Malwarebytes teste, scheinen jedoch keine Probleme vorhanden zu sein. Wer kann mir helfen? Vorab vielen Dank und hier die Logfiles: Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.27.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 PC :: PC-PC [Administrator] 27.07.2012 07:40:42 mbam-log-2012-07-27 (09-04-47).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 393959 Laufzeit: 1 Stunde(n), 15 Minute(n), 2 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 4 C:\Users\PC\Downloads\SoftonicDownloader_fuer_pc-wizard.exe (PUP.ToolbarDownloader) -> Keine Aktion durchgeführt. C:\Users\PC\Downloads\SoftonicDownloader_fuer_windows-live-photo-gallery.exe (PUP.ToolbarDownloader) -> Keine Aktion durchgeführt. C:\Users\PC\Downloads\Drum Computer\SoftonicDownloader_fuer_fl-studio.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt. C:\Windows\winsxs\x86_netfx-debugging_msdia70_b03f5f7f11d50a3a_6.1.7600.16385_none_a5658c87d101b1b3\diasymreader.dll (Trojan.FakeMS) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter C:\Program Files (x86)\Vuze\Azureus21.jar.bak Java/IRCBot.A Trojaner
C:\Users\PC\AppData\Local\VirtualStore\Program Files (x86)\Vuze\Azureus2_4.1.0.5_B05_DDJ.jar Java/IRCBot.A Trojaner
C:\Users\PC\AppData\Roaming\OpenCandy\OpenCandy_AFBBD2C51E064FF6B7F4836EB52C483E\p1v1_PPIRegistryReviver_w.exe Variante von Win32/SlowPCfighter Anwendung
C:\Users\PC\AppData\Roaming\OpenCandy\OpenCandy_AFBBD2C51E064FF6B7F4836EB52C483E\PPIRegistryReviverSetup.exe Variante von Win32/SlowPCfighter Anwendung
C:\Users\PC\Downloads\SoftonicDownloader_fuer_pc-wizard.exe Win32/SoftonicDownloader.D Anwendung
C:\Users\PC\Downloads\SoftonicDownloader_fuer_windows-live-photo-gallery.exe Win32/SoftonicDownloader.D Anwendung
C:\Users\PC\Downloads\alte Downloads\Setup_FreeFlvConverter.exe Win32/Toolbar.Widgi Anwendung
C:\Users\PC\Downloads\alte Downloads\Setup_FreeVideoConverter.exe Win32/Toolbar.Widgi Anwendung
C:\Users\PC\Downloads\Drum Computer\SoftonicDownloader_fuer_fl-studio.exe Variante von Win32/SoftonicDownloader.A Anwendung
C:\Windows\FixCamera.exe Variante von Win32/KillProc.A Anwendung
Arbeitsspeicher Variante von Win32/KillProc.A Anwendung
|
|
28.07.2012, 08:06
| #2 | ||
| /// Helfer-Team    | Trojan.FakeMS und KillProc.A Hallo und Herzlich Willkommen!
__________________ Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]: Zitat:
Für Vista und Win7: Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen! 1. Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
2. Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
► Wenn Du nun alle Schritte erledigt hast, melde dich mit die gewünschten Ergebnisse zurück! Nur bei Probleme inzwischen melden! Zitat:
kira
__________________ |
|
28.07.2012, 12:40
| #3 |
| | Trojan.FakeMS und KillProc.A Vielen Dank für die schnelle Antwort. Hier nun die Dateien:
__________________Code:
ATTFilter OTL logfile created on: 28.07.2012 12:35:46 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\PC\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 56,11% Memory free 8,00 Gb Paging File | 5,68 Gb Available in Paging File | 71,09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 367,56 Gb Free Space | 78,93% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\PC\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Users\PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO) PRC - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe (www.bid-o-matic.org) PRC - C:\Windows\vsnp325.exe () PRC - C:\Windows\tsnp325.exe () PRC - C:\Windows\FixCamera.exe () PRC - C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin) ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetect.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\vsnp325.exe () MOD - C:\Windows\tsnp325.exe () MOD - C:\Windows\FixCamera.exe () ========== Win32 Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (KSS) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO) SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (AVM IGD CTRL Service) -- C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin) SRV - (de_serv) -- C:\Program Files (x86)\Common Files\AVM\De_serv.exe (AVM Berlin) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (TASCAM_US600_USB) -- C:\Windows\SysNative\drivers\tus600_u.sys (TASCAM) DRV:64bit: - (TASCAM_US600_WDM) -- C:\Windows\SysNative\drivers\tus600_a.sys (TASCAM) DRV:64bit: - (TASCAM_US600_MIDI) -- C:\Windows\SysNative\drivers\tus600_m.sys (TASCAM) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO Software) DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (LgBttPort) -- C:\Windows\SysNative\drivers\lgbtpt64.sys (LG Electronics Inc.) DRV:64bit: - (LGVMODEM) -- C:\Windows\SysNative\drivers\lgvmdm64.sys (LG Electronics Inc.) DRV:64bit: - (lgbusenum) -- C:\Windows\SysNative\drivers\lgbtbs64.sys (LG Electronics Inc.) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64k.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV:64bit: - (FlashUSB) -- C:\Windows\SysNative\drivers\FlashUSB_x64.sys (Danish Wireless Design A/S) DRV:64bit: - (USBModem) -- C:\Windows\SysNative\drivers\lgx64modem.sys (LG Electronics Inc.) DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\drivers\lgx64diag.sys (LG Electronics Inc.) DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.) DRV:64bit: - (SNP325) -- C:\Windows\SysNative\drivers\snp325.sys (Sonix Co. Ltd.) DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo) DRV:64bit: - (SynasUSB) -- C:\Windows\SysNative\drivers\synUSB64.sys (SIA Syncrosoft) DRV - (StarOpen) -- C:\Windows\SysWow64\StarOpen.sys () DRV - (HWiNFO32) -- C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS (REALiX(tm)) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (FlashUSB) -- C:\Windows\SysWOW64\drivers\FlashUsb_x64.sys (Danish Wireless Design A/S) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 49 E8 71 C7 18 B0 CA 01 [binary data] IE - HKCU\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\ [2010.05.26 16:58:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.06.10 16:08:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.17 23:04:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.15 12:47:40 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.17 23:04:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.15 12:47:40 | 000,000,000 | ---D | M] [2011.08.25 15:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions [2011.08.25 15:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011.05.27 07:30:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de [2012.07.27 08:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions [2012.04.08 10:24:43 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2012.06.27 07:46:28 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2012.05.18 12:26:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011.03.24 14:35:19 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.07.17 05:53:26 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2012.06.28 09:06:20 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2011.03.30 06:54:21 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\engine@conduit.com [2012.06.27 07:48:10 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\https-everywhere@eff.org [2010.11.26 14:43:12 | 000,000,000 | ---D | M] ("BlackSheep") -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\jsobrier@zscaler.com [2012.07.15 14:04:18 | 000,000,000 | ---D | M] (loadtbs) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\software@loadtubes.com [2012.07.27 12:05:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012.07.17 23:04:18 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.07.15 12:47:35 | 000,378,880 | ---- | M] (InfiniAd GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll [2012.06.10 16:08:28 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2011.10.01 15:04:10 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.01 15:04:10 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.10.01 15:04:10 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.10.01 15:04:10 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.01 15:04:10 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.01 15:04:10 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.02.26 10:43:30 | 000,441,415 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 15170 more lines... O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (SplitButtonBHO Class) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin) O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - InprocServer32 - No CLSID value found. O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - Reg Error: Value error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - Reg Error: Value error. File not found O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [snp325] C:\Windows\vsnp325.exe () O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe () O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [tsnp325] C:\Windows\tsnp325.exe () O4 - HKCU..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO) O4 - HKCU..\Run: [SkyDrive] C:\Users\PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) O4 - HKCU..\RunOnce: [Uninstall C:\Users\PC\AppData\Local\Microsoft\SkyDrive\16.4.3347.0416_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PC\AppData\Local\Microsoft\SkyDrive\16.4.3347.0416_1" File not found O4 - HKCU..\RunOnce: [Uninstall C:\Users\PC\AppData\Local\Microsoft\SkyDrive\16.4.3347.0416_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PC\AppData\Local\Microsoft\SkyDrive\16.4.3347.0416_1\amd64" File not found O4 - Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic.exe - Verknüpfung.lnk = C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe (www.bid-o-matic.org) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8:64bit: - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm () O8:64bit: - Extra context menu item: LG Link Air Option - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:64bit: - Extra context menu item: LG Link Air Save to Mobile Document Folder - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:64bit: - Extra context menu item: LG Link Air Save to Mobile Memo - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:64bit: - Extra context menu item: LG Link Air Save to Mobile Photo Album - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:64bit: - Extra context menu item: LG Link Air Set as Mobile Wallpaper - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm () O8 - Extra context menu item: LG Link Air Option - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Link Air Save to Mobile Document Folder - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Link Air Save to Mobile Memo - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Link Air Save to Mobile Photo Album - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Link Air Set as Mobile Wallpaper - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O9:64bit: - Extra Button: FRITZ!Box AddOn - {328ECD19-C167-40eb-A0C7-16FE7634105F} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\FRITZ!DSL\SARAH.DLL (AVM Berlin) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (Reg Error: Key error.) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD19B5BE-7C64-4AB8-9B5A-944A9C86D52D}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ipp - No CLSID value found O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{a432af65-68d5-11df-ad5d-90e6bac11b45}\Shell - "" = AutoRun O33 - MountPoints2\{a432af65-68d5-11df-ad5d-90e6bac11b45}\Shell\AutoRun\command - "" = E:\LGAutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.27 12:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.07.27 12:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle [2012.07.27 12:07:23 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.07.27 12:07:06 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.07.27 12:07:06 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.07.27 09:08:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.07.27 08:57:21 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\aaa_Logdateien [2012.07.27 07:29:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\vlc [2012.07.27 07:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.07.17 07:22:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlotSoft [2012.07.15 15:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.07.15 15:01:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.07.15 15:01:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.07.15 15:01:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.07.15 12:47:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\convert [2012.07.15 12:47:36 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\loadtbs [2012.07.15 12:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript [2012.07.15 12:30:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gs [2012.07.15 12:28:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Scribus [2012.07.15 12:19:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\fontconfig [2012.07.15 12:19:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\gegl-0.2 [2012.07.15 12:19:41 | 000,000,000 | ---D | C] -- C:\Users\PC\.gimp-2.8 [2012.07.15 12:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2012.07.12 22:55:53 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan [2012.07.12 22:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2012.07.12 22:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2012.07.11 06:30:15 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.07.11 06:30:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.07.11 06:30:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.07.11 06:30:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.07.11 06:30:14 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.07.11 06:30:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.07.11 06:30:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.07.11 06:30:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.07.11 06:30:12 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.07.11 06:30:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.07.11 06:30:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.07.11 06:30:12 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.07.11 06:30:12 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.07.11 06:00:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012.07.11 06:00:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012.07.11 06:00:19 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.07.11 06:00:06 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.07.11 06:00:05 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2010.08.14 20:16:01 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\PC\AppData\Roaming\pcouffin.sys [2010.08.04 16:51:06 | 011,405,816 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Program Files (x86)\Videos schneiden.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.07.28 12:26:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.28 11:50:05 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.28 11:50:05 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.28 11:45:01 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.07.28 11:41:21 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.07.28 11:41:08 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\Registry Reviver64-PC-Startup.job [2012.07.28 11:41:08 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\CheckDriveBackgroundGuard.job [2012.07.28 11:40:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.28 11:40:45 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys [2012.07.27 12:07:00 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.07.27 12:07:00 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.07.27 11:51:40 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.07.27 11:51:39 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.07.27 07:39:34 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.27 07:28:55 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.07.15 15:02:06 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.07.15 13:11:51 | 000,002,018 | ---- | M] () -- C:\Users\PC\Documents\cc_20120715_131149.reg [2012.07.12 22:58:54 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.07.12 22:55:44 | 000,001,037 | ---- | M] () -- C:\Users\PC\Desktop\Kaspersky Security Scan.lnk [2012.07.11 06:48:21 | 000,355,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.05 22:06:48 | 000,227,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.07.05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.02 07:11:39 | 000,003,732 | ---- | M] () -- C:\Users\PC\Documents\cc_20120702_071128.reg [2012.06.28 18:53:18 | 001,512,418 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.28 18:53:18 | 000,658,988 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.28 18:53:18 | 000,620,174 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.28 18:53:18 | 000,132,558 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.28 18:53:18 | 000,108,356 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.07.27 07:39:34 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.27 07:28:55 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.07.15 15:02:06 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.07.15 13:11:50 | 000,002,018 | ---- | C] () -- C:\Users\PC\Documents\cc_20120715_131149.reg [2012.07.12 22:55:53 | 000,001,037 | ---- | C] () -- C:\Users\PC\Desktop\Kaspersky Security Scan.lnk [2012.07.02 07:11:29 | 000,003,732 | ---- | C] () -- C:\Users\PC\Documents\cc_20120702_071128.reg [2012.05.12 08:27:20 | 000,035,578 | ---- | C] () -- C:\Windows\wininit.ini [2012.03.03 11:06:39 | 000,393,256 | ---- | C] () -- C:\Windows\SysWow64\CNQ2414N.DAT [2012.02.29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.12.19 07:38:48 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll [2011.10.12 18:28:35 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys [2011.10.12 18:26:25 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg [2011.10.11 14:14:27 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll [2011.10.11 14:13:04 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2011.10.11 14:12:33 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2011.10.11 14:03:27 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe [2011.03.17 11:37:01 | 000,000,195 | ---- | C] () -- C:\Windows\cdplayer.ini [2010.12.30 11:47:40 | 000,005,536 | ---- | C] () -- C:\Users\PC\AppData\Roaming\mdbu.bin [2010.12.27 20:13:12 | 000,835,584 | ---- | C] () -- C:\Windows\vsnp325.exe [2010.12.27 20:13:12 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe [2010.12.27 20:13:12 | 000,147,456 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp325.dll [2010.12.27 20:13:12 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpx32.dll [2010.12.27 20:13:12 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini [2010.12.27 19:53:09 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe [2010.12.27 19:53:08 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnp325.dll [2010.12.27 19:53:08 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\csnp325.dll [2010.12.24 18:03:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.08.14 20:16:01 | 000,099,384 | ---- | C] () -- C:\Users\PC\AppData\Roaming\inst.exe [2010.08.14 20:16:01 | 000,007,859 | ---- | C] () -- C:\Users\PC\AppData\Roaming\pcouffin.cat [2010.08.14 20:16:01 | 000,001,167 | ---- | C] () -- C:\Users\PC\AppData\Roaming\pcouffin.inf [2010.08.14 19:58:16 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.08.11 21:33:56 | 000,000,017 | ---- | C] () -- C:\Users\PC\AppData\Local\resmon.resmoncfg [2010.02.19 17:22:48 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.02.19 17:22:48 | 000,000,008 | RHS- | C] () -- C:\ProgramData\0A3C2BC4D1.sys [2010.02.19 16:41:55 | 004,096,000 | ---- | C] () -- C:\Users\PC\FRITZ.Box_Fon_5140.AnnexB.43.04.67.image [2010.02.19 16:41:20 | 000,000,278 | ---- | C] () -- C:\Users\PC\plakat.pdf [2010.02.19 16:40:59 | 000,310,784 | ---- | C] () -- C:\Users\PC\Wochenbericht G-u-KBP.dot < End of report > Code:
ATTFilter OTL Extras logfile created on: 28.07.2012 12:35:46 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\PC\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 56,11% Memory free
8,00 Gb Paging File | 5,68 Gb Available in Paging File | 71,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 367,56 Gb Free Space | 78,93% Space Free | Partition Type: NTFS
Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CA19AFF-E8BA-4F63-B564-ABEBD8BB538E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E0F723F-2200-463D-B346-3FCBF9F92E15}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2AB0F014-F3FA-444D-907B-C8DA2F5DEFCB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3093D4A2-6985-40B4-9DF0-8B1F7DBF391F}" = lport=445 | protocol=6 | dir=in | app=system |
"{31F9D71E-B52E-4DCC-857C-022037A3B7D2}" = lport=139 | protocol=6 | dir=in | app=system |
"{33D30A0C-7853-4A13-BB13-3FEA5445518B}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{35810557-1505-4670-A3CF-D162B362788A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{36C8ED95-DC42-438A-9645-AFFB53216DBF}" = rport=138 | protocol=17 | dir=out | app=system |
"{45B3998A-F58E-4C57-9D84-F2D54756E02F}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{473E977A-97FD-41BC-A8B1-D98DD6BB3D23}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5234CF93-EC21-4641-93F5-72865D97BD1D}" = rport=445 | protocol=6 | dir=out | app=system |
"{55834602-12E1-4138-B78D-90C1F3E16A44}" = lport=10244 | protocol=6 | dir=in | app=system |
"{5739DD9B-03DF-4B1B-9524-F39206E96166}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{58194209-13B5-45A9-AD97-02A0F3F64718}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5ABBAA5B-A45E-44E4-B93E-2100018C14F2}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61DDA960-DB60-4A72-B2B0-D091A4B87F94}" = lport=138 | protocol=17 | dir=in | app=system |
"{688D9EDB-2181-47B0-A213-11B060C9E5C5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6C0096F9-0D8D-47FE-831A-BE5CC7B5BAF8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7BA80F4E-7336-4CA4-B95E-CD6AEAE97B4E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{98C39C1D-61B0-4521-B0B0-ED0516699B92}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{993451DF-6D29-4D8C-850A-98508B46A2F6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9D7A2162-BE09-4696-B1A4-F8A85E17323D}" = rport=137 | protocol=17 | dir=out | app=system |
"{9F4A14A9-AB35-4E71-BD6B-A0B47A0086F8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A2D29E3D-BC02-40E5-846A-7D6E0424D924}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AEB388D0-70E6-4E95-8A8B-5846A51C0FE6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B1C6C485-6BA2-40D2-A8E1-76F55115AFBA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B27C9111-46E9-4EC5-9247-062B856E8F0C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BEB97C45-C97E-4243-B6C6-59E74D0F7BC3}" = rport=139 | protocol=6 | dir=out | app=system |
"{CF598BDE-8F0A-478D-B986-6CC42041A230}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D46D1F06-5D60-413F-9210-4F37D50805F1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E5866403-B3D0-4423-B926-4BAFF6144295}" = lport=3390 | protocol=6 | dir=in | app=system |
"{E7721098-473D-4D28-AF33-A125FBF26895}" = lport=80 | protocol=6 | dir=in | name=http |
"{F825B32F-9458-4E6E-B03D-4D7FDAD28DB1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FB35224C-856E-492C-B908-8C481052EC8E}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E48F17-4CAA-48AF-B7D5-BF5B8D433752}" = protocol=6 | dir=in | app=c:\users\pc\appdata\local\microsoft\skydrive\skydrive.exe |
"{04C0D250-AD8F-4893-B6A4-8D6BD676021A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{068908C6-F8D7-43D7-897B-16A7D25AE0D4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0DA5EFD8-EBD5-42F3-A692-F629405111D7}" = protocol=17 | dir=in | app=c:\program files (x86)\7-zip\7zfm.exe |
"{185FC758-2CA2-4A3A-A784-03361E65305F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1DACCB1D-3EB3-4917-AABB-9414A3B79DFE}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{20D6BE7B-E9FA-4C26-B153-323C2F494BAB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2172C87D-0F87-44D9-BCCF-19D6AEED5228}" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!dsl\igdctrl.exe |
"{2C277C3D-290B-41A9-9722-FB9087715F02}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{2DBD8CBF-EF36-4488-A364-57CE114A3C81}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{2EE4772E-1B63-44DF-BF2A-9C04D3D237EC}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{30F863D6-8EED-424B-9F2F-1BA4A79F1424}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3723E059-9671-4AD5-81E7-98A316D6E89B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37D2D7F9-CFD0-471B-92B1-17520E59D88A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{40DEC8DF-10CA-46C5-9A4B-869DA6429892}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{45F9C0D9-9A73-4D0D-A888-235184808334}" = protocol=17 | dir=in | app=c:\users\pc\appdata\local\microsoft\skydrive\skydrive.exe |
"{48554E90-3C21-4E3D-A6D6-4A81F377F653}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{4886E396-8B77-4BBF-B8E5-B879D06CB17D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5080F639-C5D0-4AB9-8AF2-F6F8BF1C9377}" = protocol=6 | dir=out | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{6058CC66-DE8F-477A-8FFD-7F6ED076D3A6}" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!dsl\igdctrl.exe |
"{73ED72F1-18D0-40DE-A527-7A50F952CF5A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{76F47914-4ACD-4AB9-AE89-D35567D39725}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{7B223445-93E1-4A3E-988C-D7698824FDA9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{832A3DE0-7597-402E-A671-71E057ADEDC5}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{91B2A936-0F5A-47C7-B342-0B3C48A4E1B3}" = protocol=6 | dir=in | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{9219CB48-3D86-4FAD-B2D9-0B8064A658E6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9495A0CA-3A7A-45BE-8857-87B03FC486F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B4790ED-4270-4CF5-81E3-149170F66AF3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9DE10F78-07A5-4B6F-94DA-EF1D6125E91A}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{9EFE917D-7481-4735-A450-14675DF117FD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A0025C5E-E9C5-4E54-BA74-F204427C95EA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A80E790D-18B1-4553-B3F0-ECF68450076D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A8B4029E-FEDB-4F1F-8503-BD5ECD904F68}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ADA746FC-995A-4120-A998-2D111B623686}" = protocol=6 | dir=in | app=c:\program files (x86)\7-zip\7zfm.exe |
"{B69F9EC4-F498-44E5-A6E4-B31ACD0A8594}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BF301432-2F85-4E2D-B66D-AC06AB30D0EA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C082B9BD-B890-4F54-9E7A-F6C0C1D0FB41}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{C484DCFB-0551-4982-88C8-2B02EA5C8219}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CF1B650B-A858-4BE2-A409-0558B8026468}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D3F3A5A8-DF17-4003-BFCA-7EE60C33E5CC}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{D659D5B4-48E3-4BC8-A9A8-6BB689ED84EA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DDAF6C34-A84E-4BC3-8A5A-4727524CF636}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E21832C9-B86E-4008-BE9F-8AC1C0AFC5E7}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E271FBEB-5066-4470-95A7-93F2DDFCB398}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E6AA079C-D201-491D-A6AC-51722486CCCE}" = dir=in | app=%programfiles% (x86)\bitcomet\bitcomet.exe |
"{E7A6723C-DB07-4C54-BB5B-364B2C2D3D9C}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{E902E49D-BF64-4ACE-B67C-B2E917C1396A}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{E9984F1A-9E5B-4C2F-83D9-154D92D3C6A8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ED8B444C-7F1B-4FDB-A8DF-E21E38361CA3}" = protocol=6 | dir=out | app=system |
"{EEE3BA47-1F8D-4189-A871-6B9640DE7969}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F673C2A9-CA03-4E30-BBE1-883A409E72FD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F8026174-2251-45C0-8164-E5363CD54FFB}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{FC0AA08A-9968-436B-86FA-3E2EA625F05C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{3D8CA430-E59E-49D1-85D8-57A2E42A9ECC}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{5F8C5D00-9681-499A-B524-1FACD02A04DF}C:\program files (x86)\fritz!dsl\webwaigd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!dsl\webwaigd.exe |
"TCP Query User{84C246C1-B151-4EA7-A824-5295EC08B68C}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{886F1FB2-E341-4C0B-99FB-816140CD4A85}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"TCP Query User{93C118A2-3D9D-4218-92B1-20493638DCEA}C:\users\pc\downloads\alte downloads\cityville\cityvillebot\cvbot.exe" = protocol=6 | dir=in | app=c:\users\pc\downloads\alte downloads\cityville\cityvillebot\cvbot.exe |
"TCP Query User{99D4B6DB-F406-4065-9296-AC9F814A20F4}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{A2F59E22-0063-4BE8-87E8-CF2224D27C22}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{A8954309-E517-48D2-90F2-57563E428D4A}C:\users\pc\downloads\cityville\cityvillebot\cvbot.exe" = protocol=6 | dir=in | app=c:\users\pc\downloads\cityville\cityvillebot\cvbot.exe |
"TCP Query User{AED68D42-308C-42DA-9FA4-1C2689DD7E40}C:\users\pc\downloads\alte downloads\cityvillebot\cvbot.exe" = protocol=6 | dir=in | app=c:\users\pc\downloads\alte downloads\cityvillebot\cvbot.exe |
"TCP Query User{BFB31E0E-658B-4143-B7C7-4B4162A436F6}C:\program files (x86)\fritz!dsl\fboxupd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!dsl\fboxupd.exe |
"TCP Query User{F9245826-B287-4A8D-AA3D-F00B28895577}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{1420F10E-9F68-485A-B293-8687312A75A5}C:\program files (x86)\fritz!dsl\webwaigd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!dsl\webwaigd.exe |
"UDP Query User{1A2BD9F9-79C7-4FE9-B8CE-ADEAA7A97366}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{2B71651B-2CAD-4594-BD0E-A10D61358453}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{534F82AE-11E7-4CAF-8315-1D80AD9A92A8}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{545181FB-2E81-4800-A5F7-33AB7CA39B11}C:\users\pc\downloads\alte downloads\cityvillebot\cvbot.exe" = protocol=17 | dir=in | app=c:\users\pc\downloads\alte downloads\cityvillebot\cvbot.exe |
"UDP Query User{80A8C5D5-62BB-44B0-A095-FCB939A9DB49}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{89086524-6DB1-4674-8416-0EE2D2404A25}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{A3BDCA30-1B16-42BF-8E16-1698B9C7161A}C:\program files (x86)\fritz!dsl\fboxupd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!dsl\fboxupd.exe |
"UDP Query User{AEF23E1D-AB3C-4E4B-98D6-EB26A67FF655}C:\users\pc\downloads\alte downloads\cityville\cityvillebot\cvbot.exe" = protocol=17 | dir=in | app=c:\users\pc\downloads\alte downloads\cityville\cityvillebot\cvbot.exe |
"UDP Query User{C0E41729-B372-4B89-A274-36B601F9F49E}C:\users\pc\downloads\cityville\cityvillebot\cvbot.exe" = protocol=17 | dir=in | app=c:\users\pc\downloads\cityville\cityvillebot\cvbot.exe |
"UDP Query User{C7132DC0-626C-4E96-85F7-AF8984B12BD4}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414" = CanoScan LiDE 110 Scanner Driver
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}" = Regi
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.10
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C74A84EC-7C5F-4C36-A4A6-381E516D643B}" = Microsoft IntelliPoint 7.0
"{CFB4DE27-AEED-4B12-8A3C-A77EBF1AFDDD}" = AVM FRITZ!Box AddOn (IE) (x64)
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F0A36649-873E-4832-A5F1-BF5DF8600BDB}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"81AE60DDD229A248055515E311406D86F7E4012A" = Windows-Treiberpaket - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SP6" = Logitech SetPoint 6.15
"USB_AUDIO_DEusb-audio.deTascamUS600" = US-600 driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{0AF6CFBC-02CB-4B7F-B71D-7B1DBE8A5E7B}" = LG PC Suite II
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50C78780-1A54-4A5C-B3A7-FF828C62C5C2}" = Steinberg Cubase LE 5
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6816248D-510A-45F8-AC79-24FF2C3A5D7F}" = LG Android Platform Drivers
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F6E16CA-6157-4B67-962F-2B501A8C8EA6}" = Garmin Lifetime Updater
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C04D5974-F528-4347-A494-EAF56124CC1A}" = Steinberg HALionOne Essential Set
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML (Private Edition)
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = hama PC-Webcam RW-100
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"7-Zip" = 7-Zip 9.20
"AbcNavigator 2_is1" = AbcNavigator 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AP Tuner 3.08" = AP Tuner 3.08
"ASIO4ALL" = ASIO4ALL
"AudioCon" = AudioCon
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber MP3-Plugin (64 bit)
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"BestPractice" = BestPractice (remove only)
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"CanonSolutionMenuEX" = Canon Solution Menu EX
"cdrtools Frontend_is1" = cdrtfe 1.3.8
"conduitEngine" = Conduit Engine
"eLicenser Control" = eLicenser Control
"ElsterFormular für Privatanwender 12.1.0.6164p" = ElsterFormular-Update
"ESET Online Scanner" = ESET Online Scanner v3
"Free FLV Converter_is1" = Free FLV Converter V 6.91.0
"Free Video Converter_is1" = Free Video Converter V 2.5
"FRITZ!DSL" = AVM FRITZ!DSL
"Guitar Pro 5_is1" = Guitar Pro 5.0
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HWiNFO32_is1" = HWiNFO32 Version 3.50
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"LG PC Suite IV" = LG PC Suite IV
"loadtbs-3.0" = loadtbs-3.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Personal Backup 5_is1" = Personal Backup 5.3
"RealPlayer 15.0" = RealPlayer
"SopCast" = SopCast 3.4.8
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.06.2012 07:21:57 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\SoftonicDownloader_fuer_windows-live-photo-gallery.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 01.07.2012 13:00:01 | Computer Name = PC-PC | Source = Windows Backup | ID = 4103
Description =
Error - 02.07.2012 23:51:21 | Computer Name = PC-PC | Source = Bonjour Service | ID = 100
Description = ERROR: mDNSPlatformReadTCP - recv: 10053
Error - 02.07.2012 23:51:21 | Computer Name = PC-PC | Source = Bonjour Service | ID = 100
Description = 476: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error - 12.07.2012 16:54:07 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\SoftonicDownloader_fuer_windows-live-photo-gallery.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 12.07.2012 16:54:09 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\SoftonicDownloader_fuer_pc-wizard.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 21.07.2012 01:39:42 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_265.exe,
Version: 11.3.300.265, Zeitstempel: 0x4febd5ac Name des fehlerhaften Moduls: unknown,
Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset:
0x00000000 ID des fehlerhaften Prozesses: 0x1198 Startzeit der fehlerhaften Anwendung:
0x01cd6700880aeab4 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 780febc5-d2f6-11e1-b3c6-90e6bac11b45
Error - 27.07.2012 06:11:40 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\SoftonicDownloader_fuer_pc-wizard.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 27.07.2012 06:11:40 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\SoftonicDownloader_fuer_windows-live-photo-gallery.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 27.07.2012 06:19:52 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\Drum
Computer\SoftonicDownloader_fuer_fl-studio.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
[ System Events ]
Error - 25.07.2012 23:52:47 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 13:03:19 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 13:03:31 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 13:03:41 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 13:03:51 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 13:04:01 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 23:53:10 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 23:53:20 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 23:53:30 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 23:53:40 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
< End of report >
Code:
ATTFilter 7-Zip 9.20 12.02.2012 7-Zip 9.20 (x64 edition) Igor Pavlov 12.02.2012 3,45MB 9.20.00.0 AbcNavigator 2.0 Groink, Inc. 12.04.2011 Adobe AIR Adobe Systems Incorporated 22.04.2012 3.2.0.2070 Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 26.07.2012 6,00MB 11.3.300.268 Adobe Flash Player 11 Plugin Adobe Systems Incorporated 26.07.2012 6,00MB 11.3.300.268 Adobe Photoshop Elements 2.0 Adobe Systems, Inc. 20.02.2010 2.0 Adobe Reader X (10.1.3) - Deutsch Adobe Systems Incorporated 09.04.2012 168,3MB 10.1.3 Adobe Shockwave Player 11.6 Adobe Systems, Inc. 26.07.2012 11.6.5.635 Adobe SVG Viewer 3.0 Adobe Systems, Inc. 20.02.2010 3.0 AP Tuner 3.08 25.10.2011 Apple Application Support Apple Inc. 14.07.2012 61,0MB 2.1.9 Apple Mobile Device Support Apple Inc. 14.07.2012 25,0MB 5.2.0.6 Apple Software Update Apple Inc. 01.01.2012 2,38MB 2.1.3.127 ASIO4ALL Michael Tippach 16.11.2010 2.10 AudioCon Basement Softworks 27.10.2010 1.0 Audiograbber 1.83 SE Audiograbber 16.12.2011 1.83 SE Audiograbber MP3-Plugin (64 bit) AG 15.12.2011 1.0 Auslogics Disk Defrag Auslogics Software Pty Ltd 20.02.2010 7,99MB version 3.1 Avira Free Antivirus Avira 08.05.2012 109,3MB 12.0.0.1125 AVM FRITZ!Box AddOn (IE) (x64) AVM Berlin 18.02.2010 3,71MB 1.5.5 AVM FRITZ!Box Dokumentation 18.02.2010 AVM FRITZ!DSL 18.02.2010 BestPractice (remove only) 16.01.2012 Biet-O-Matic v2.14.8 BOM Development Team 18.12.2011 6,84MB 2.14.8 Bonjour Apple Inc. 09.06.2012 2,00MB 3.0.0.10 Canon MP Navigator EX 4.0 02.03.2012 Canon Solution Menu EX 02.03.2012 CanoScan LiDE 110 Scanner Driver 02.03.2012 CCleaner Piriform 04.11.2010 3.00 cdrtfe 1.3.8 Oliver Valencia 03.08.2010 Conduit Engine Conduit Ltd. 26.12.2010 6.2.7.3 DivX Codec DivX, Inc. 18.02.2010 6.9.1 DriveImage XML (Private Edition) Runtime Software 01.03.2012 2.30 eLicenser Control Steinberg Media Technologies GmbH 11.10.2011 ElsterFormular-Update Landesfinanzdirektion Thüringen 04.01.2012 143.428MB 1.0 ESET Online Scanner v3 26.07.2012 Free FLV Converter V 6.91.0 Koyote Soft 03.08.2010 14,0MB 6.91.0.0 Free Video Converter V 2.5 Koyote Soft 03.08.2010 12,6MB 2.5.0.0 Garmin Lifetime Updater Garmin 06.08.2011 38,1MB 2.0.5 Google Earth Plug-in Google 16.01.2012 40,9MB 6.1.0.5001 Guitar Pro 5.0 Arobas Music 16.03.2010 hama PC-Webcam RW-100 Sonix 26.12.2010 0.1.0.000 HTC BMP USB Driver HTC 23.04.2012 0,28MB 1.0.5375 HTC Driver Installer HTC Corporation 23.04.2012 2,09MB 3.0.0.021 HTC Sync HTC Corporation 10.05.2012 47,0MB 3.2.20 HWiNFO32 Version 3.50 Martin Malík - REALiX 27.04.2010 2,73MB 3.50 Infineon USB driver 1.0.0.6 Infineon 25.05.2010 iTunes Apple Inc. 14.07.2012 182,7MB 10.6.3.25 Java(TM) 7 Update 5 Oracle 26.07.2012 99,3MB 7.0.50 JavaFX 2.1.1 Oracle Corporation 26.07.2012 20,9MB 2.1.1 Kaspersky Security Scan Kaspersky Lab 11.07.2012 12.0.1.117 LG Android Platform Drivers LG Electronics 25.05.2010 4,14MB 1.2 LG Bluetooth Drivers LG Electronics 25.05.2010 0,69MB 1.1 LG PC Suite II LG PC Suite 27.09.2010 2.00.0000 LG PC Suite IV LG Electronics 25.05.2010 4.2.15.20100413 LG USB Modem Drivers LG Electronics 25.05.2010 1,22MB 4.9.4 loadtbs-3.0 14.07.2012 Logitech SetPoint 6.15 Logitech 16.10.2010 39,1MB 6.15.25 Malwarebytes Anti-Malware Version 1.62.0.1300 Malwarebytes Corporation 26.07.2012 18,8MB 1.62.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 18.10.2010 38,8MB 4.0.30319 Microsoft IntelliPoint 7.0 Microsoft 16.10.2010 30,2MB 7.0.260.0 Microsoft Office 2000 Premium Microsoft Corporation 18.02.2010 239MB 9.00.2816 Microsoft Office File Validation Add-In Microsoft Corporation 15.09.2011 5,86MB 14.0.5130.5003 Microsoft Office Home and Student 2007 Microsoft Corporation 20.03.2012 12.0.6612.1000 Microsoft Office Live Add-in 1.5 Microsoft Corporation 17.04.2012 0,50MB 2.0.4024.1 Microsoft PowerPoint Viewer Microsoft Corporation 14.02.2012 185,6MB 14.0.6029.1000 Microsoft Silverlight Microsoft Corporation 22.05.2012 100,2MB 5.1.10411.0 Microsoft SkyDrive Microsoft Corporation 27.07.2012 24,9MB 16.4.6006.0718 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 16.02.2010 1,72MB 3.1.0000 Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Corporation 18.02.2010 0,61MB 1.0.1215.0 Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Corporation 18.02.2010 1,45MB 1.0.1215.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 20.02.2010 0,25MB 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.06.2011 0,29MB 8.0.56336 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 22.04.2012 0,68MB 8.0.61000 Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Corporation 20.02.2010 0,21MB 9.0.30729.4148 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 17.02.2010 0,20MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 26.04.2011 0,77MB 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 26.04.2011 0,58MB 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 18.02.2010 2,52MB 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 22.02.2010 0,77MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 16.10.2010 0,76MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 15.06.2011 0,77MB 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 Microsoft Corporation 28.07.2010 0,23MB 9.0.21022.218 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 22.02.2010 0,58MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 16.02.2010 0,58MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 25.03.2010 0,58MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.06.2011 0,59MB 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 09.03.2012 12,3MB 10.0.40219 Mozilla Firefox 14.0.1 (x86 de) Mozilla 16.07.2012 38,4MB 14.0.1 Mozilla Maintenance Service Mozilla 16.07.2012 0,30MB 14.0.1 MSXML 4.0 SP2 (KB954430) Microsoft Corporation 29.04.2010 1,28MB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 29.04.2010 1,33MB 4.20.9876.0 MSXML 4.0 SP2 Parser and SDK Microsoft Corporation 25.05.2010 36,00KB 4.20.9818.0 MSXML 4.0 SP3 Parser Microsoft Corporation 22.04.2012 1,48MB 4.30.2100.0 MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 10.07.2012 1,53MB 4.30.2114.0 MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 23.04.2012 1,53MB 4.30.2107.0 NVIDIA 3D Vision Controller-Treiber 296.10 NVIDIA Corporation 13.03.2012 296.10 NVIDIA 3D Vision Treiber 296.10 NVIDIA Corporation 13.03.2012 296.10 NVIDIA Grafiktreiber 296.10 NVIDIA Corporation 13.03.2012 296.10 NVIDIA PhysX-Systemsoftware 9.12.0213 NVIDIA Corporation 13.03.2012 9.12.0213 NVIDIA Update 1.7.11 NVIDIA Corporation 13.03.2012 1.7.11 OpenOffice.org 3.2 OpenOffice.org 28.07.2010 734MB 3.2.9502 Personal Backup 5.3 J. Rathlev 20.02.2012 13,8MB PixiePack Codec Pack None 17.05.2010 17,2MB 1.1.1200.0 QuickTime Apple Inc. 01.06.2012 73,3MB 7.72.80.56 RealPlayer RealNetworks 09.06.2012 91,8MB 15.0.4 Realtek 8136 8168 8169 Ethernet Driver Realtek 11.01.2010 1.00.0005 Skype™ 5.0 Skype Technologies S.A. 23.12.2010 22,4MB 5.0.156 SopCast 3.4.8 www.sopcast.com 28.01.2012 3.4.8 Steinberg Cubase LE 5 Steinberg Media Technologies GmbH 11.10.2011 91,3MB 5.1.2 Steinberg HALionOne Steinberg Media Technologies GmbH 11.10.2011 117,7MB 1.1.0.457 Steinberg HALionOne Essential Set Steinberg Media Technologies GmbH 11.10.2011 101,7MB 1.0.1.457 StreamTransport version: 1.0.2.2171 12.05.2012 Uninstall 1.0.0.1 23.03.2011 10,4MB US-600 driver 11.10.2011 USB Flash Port Driver Infineon Technologies 25.05.2010 0,42MB 1.00.0000 VIA Plattform-Geräte-Manager VIA Technologies, Inc. 11.01.2010 2,62MB 1.34 VLC media player 2.0.3 VideoLAN 26.07.2012 2.0.3 Windows Live Anmelde-Assistent Microsoft Corporation 16.02.2010 1,94MB 5.000.818.5 Windows Live Essentials Microsoft Corporation 17.02.2010 14.0.8089.0726 Windows Live Sync Microsoft Corporation 16.02.2010 2,79MB 14.0.8089.726 Windows Live-Uploadtool Microsoft Corporation 16.02.2010 0,22MB 14.0.8014.1029 Windows-Treiberpaket - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6) Infineon Technologies 25.05.2010 04/16/2009 1.0.0.6 |
|
29.07.2012, 06:40
| #4 | |||
| /// Helfer-Team | Trojan.FakeMS und KillProc.A Systemreinigung und Prüfung: 1. Hast du den Rechner bereits auf Viren überprüft? Folgende Ergebnisse möchte ich noch sehen: Code:
ATTFilter
Kaspersky Security Scan
(alle vorhandenen Protokolle!)
danach kann deinstalliert werden: Kaspersky Security Scan 3. anscheinend schon deinstalliert... Code:
ATTFilter Azureus + Vuze
Zitat:
Ausserdem nicht nur trojanische Pferde oder andere Virentypen eine direkt Verbindung brauchen, sondern der Verwendung von µtorrent & Co, "telefonieren auch nach Hause", wenn auch noch keine Beweise vorliegen (zumindest teilweise nicht) und solchen Clients erlaubt, würde ich nicht empfehlen!  Solange du solche Programme auf dein PC hast, wirst Du Dich laufend mit etwas Problematik konfrontieren müssen! 4. Deinstalliere, falls unter Systemsteuerung-> Software/Programme existiert: Code:
ATTFilter Conduit Engine <- Adware !! loadtbs-3 Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte. Während des Installationsvorgangs die Lizenzbestimmungen immer lesen, und nicht sofort überall den Haken setzen bzw gesetzten Haken belassen, weil damit stimmt man nämlich zu, dass andere "Fremdprogramm", oder sogar Adware (Werbe-Pop-ups) durch Partnerprogrammen, Sponsoren etc - mitinstalliert wird, weil sich Freeware damit finanziert. In diese Kategorie gehören noch einige, wie z.B: -> Unerwünschte Toolbars Zitat:
Zitat:
Code:
ATTFilter :OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
[2012.07.17 05:53:26 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2012.06.28 09:06:20 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011.03.30 06:54:21 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\engine@conduit.com
[2012.07.15 14:04:18 | 000,000,000 | ---D | M] (loadtbs) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\software@loadtubes.com
[2011.10.01 15:04:10 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.01 15:04:10 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.01 15:04:10 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.01 15:04:10 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.01 15:04:10 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O2 - BHO: (no name) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - No CLSID value found.
O3 - HKLM\..\Toolbar: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a432af65-68d5-11df-ad5d-90e6bac11b45}\Shell - "" = AutoRun
O33 - MountPoints2\{a432af65-68d5-11df-ad5d-90e6bac11b45}\Shell\AutoRun\command - "" = E:\LGAutoRun.exe
[2012.07.28 11:45:01 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.28 11:41:21 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.28 11:41:08 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\Registry Reviver64-PC-Startup.job
[2012.07.28 11:41:08 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\CheckDriveBackgroundGuard.job
:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1DACCB1D-3EB3-4917-AABB-9414A3B79DFE}" =-
"{D3F3A5A8-DF17-4003-BFCA-7EE60C33E5CC}" =-
"TCP Query User{F9245826-B287-4A8D-AA3D-F00B28895577}C:\program files (x86)\vuze\azureus.exe" =-
"UDP Query User{89086524-6DB1-4674-8416-0EE2D2404A25}C:\program files (x86)\vuze\azureus.exe" =-
:Files
C:\Users\PC\AppData\Roaming\loadtbs
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
6. Tipps - Der Internet Explorer von Microsoft gehört zur Grundausstattung unter Windows, somit wie alle andere installierte Software muss gepflegt werden! Auch bei Nicht-Verwendung!: -> Tipps zu Internet Explorer -> Standard Suchmaschine des Explorers ändern -> Ändern oder Auswählen eines Suchanbieters in Internet Explorer 7/8 -> Wie kann ich den Cache im Internet Explorer leeren? 7. reinige dein System mit CCleaner:
8. Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen. Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung 9. -> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<< 10. erneut einen Scan mit OTL:
► Wenn Du nun alle Schritte erledigt hast, melde dich mit die gewünschten Ergebnisse zurück! Nur bei Probleme inzwischen melden! ► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
29.07.2012, 14:59
| #5 |
| | Trojan.FakeMS und KillProc.A So, nun ist alles erledigt. Hier die log-files: Kaspersky Security Scan (habe ich nur eine aktuelle, die alten wurden nicht gespeichert): Code:
ATTFilter Detaillierter Bericht
Gefundene Probleme
Untersuchungsdatum:
Update-Datum der Antiviren-Datenbanken:
Produktversion:
29.07.2012 13:25
29.07.2012 10:45
12.0.1.117 (a)
Computerschutz (0)
Informationen zum installierten Antiviren-Programm und der Firewall auf dem Computer.
Kaspersky Lab empfiehlt
Schädliche Programme (0)
Informationen zu den auf dem Computer gefundenen Schadprogrammen.
Kaspersky Lab empfiehlt
Schwachstellen (0)
Informationen zu den Programmen und Komponenten des Betriebssystems, in denen Schwachstellen gefunden wurden.
Andere Probleme (10)
Informationen zu Schwachstellen, die mit den Einstellungen der installierten Programme und des Betriebssystems zusammenhängen.
1. "Autostart von Festplatten ist aktiviert"
2. "Autostart von Netzlaufwerken ist aktiviert"
3. "Autostart von CD/DVD ist aktiviert"
4. "Autostart von Wechseldatenträgern ist aktiviert"
5. "Microsoft Internet Explorer: Nicht standardmäßige Kopfzeile löschen "
6. "Microsoft Internet Explorer: Senden von Fehlerberichten deaktivieren"
7. "Microsoft Internet Explorer: Liste der vertrauenswürdigen Domains leeren"
8. "Microsoft Internet Explorer: Liste der Ausnahmen für den Popupblocker leeren"
9. "Microsoft Internet Explorer: Automatisches Leeren des Zwischenspeichers beim Beenden des Browsers aktivieren"
10. "Microsoft Internet Explorer: Startseite leeren"
Code:
ATTFilter All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{38542454-dfb6-44f5-b052-d4e071a3d073} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38542454-dfb6-44f5-b052-d4e071a3d073}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3\ deleted successfully.
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\searchplugin folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Plugins folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\modules folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\chrome folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\META-INF folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\defaults\preferences folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\defaults folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\skin\images folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\skin folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\locale\ro-RO folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\locale\en-US folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\locale folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\content folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\engine@conduit.com folder moved successfully.
Folder C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\software@loadtubes.com\ not found.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0C86BBE-9509-4296-8459-FDBFDAF4B673}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0C86BBE-9509-4296-8459-FDBFDAF4B673}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a432af65-68d5-11df-ad5d-90e6bac11b45}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a432af65-68d5-11df-ad5d-90e6bac11b45}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a432af65-68d5-11df-ad5d-90e6bac11b45}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a432af65-68d5-11df-ad5d-90e6bac11b45}\ not found.
File E:\LGAutoRun.exe not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\Registry Reviver64-PC-Startup.job moved successfully.
C:\Windows\Tasks\CheckDriveBackgroundGuard.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1DACCB1D-3EB3-4917-AABB-9414A3B79DFE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1DACCB1D-3EB3-4917-AABB-9414A3B79DFE}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D3F3A5A8-DF17-4003-BFCA-7EE60C33E5CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3F3A5A8-DF17-4003-BFCA-7EE60C33E5CC}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F9245826-B287-4A8D-AA3D-F00B28895577}C:\program files (x86)\vuze\azureus.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{89086524-6DB1-4674-8416-0EE2D2404A25}C:\program files (x86)\vuze\azureus.exe deleted successfully.
========== FILES ==========
C:\Users\PC\AppData\Roaming\loadtbs\html folder moved successfully.
C:\Users\PC\AppData\Roaming\loadtbs folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\PC\Downloads\cmd.bat deleted successfully.
C:\Users\PC\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: AppData
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: PC
->Temp folder emptied: 17289876 bytes
->Temporary Internet Files folder emptied: 4964358 bytes
->Java cache emptied: 9032701 bytes
->FireFox cache emptied: 67942759 bytes
->Flash cache emptied: 57015 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 57386 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 186166 bytes
Total Files Cleaned = 95,00 mb
OTL by OldTimer - Version 3.2.55.0 log created on 07292012_133807
Files\Folders moved on Reboot...
C:\Users\PC\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
File C:\Users\PC\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
Registry entries deleted on Reboot...
Code:
ATTFilter C:\Users\PC\AppData\Roaming\OpenCandy\OpenCandy_AFBBD2C51E064FF6B7F4836EB52C483E\p1v1_PPIRegistryReviver_w.exe Variante von Win32/SlowPCfighter Anwendung
C:\Users\PC\AppData\Roaming\OpenCandy\OpenCandy_AFBBD2C51E064FF6B7F4836EB52C483E\PPIRegistryReviverSetup.exe Variante von Win32/SlowPCfighter Anwendung
C:\Windows\FixCamera.exe Variante von Win32/KillProc.A Anwendung
Arbeitsspeicher Variante von Win32/KillProc.A Anwendung
Code:
ATTFilter OTL logfile created on: 29.07.2012 15:40:58 - Run 2 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\PC\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 60,29% Memory free 8,00 Gb Paging File | 6,15 Gb Available in Paging File | 76,96% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 367,62 Gb Free Space | 78,95% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.28 12:34:51 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Downloads\OTL.exe PRC - [2012.07.28 11:42:30 | 000,238,544 | ---- | M] (Microsoft Corporation) -- C:\Users\PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe PRC - [2012.06.10 16:08:20 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe PRC - [2012.05.09 07:31:14 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.09 07:31:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.09 07:31:14 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.04.17 15:05:00 | 000,651,264 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2012.03.01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010.10.10 19:15:46 | 001,265,664 | ---- | M] (www.bid-o-matic.org) -- C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe PRC - [2007.05.10 14:18:10 | 000,835,584 | ---- | M] () -- C:\Windows\vsnp325.exe PRC - [2007.04.21 10:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe PRC - [2007.02.12 15:50:40 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe PRC - [2005.11.21 12:34:24 | 000,081,920 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE ========== Modules (No Company Name) ========== MOD - [2012.05.09 06:43:04 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll MOD - [2012.05.09 06:42:11 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012.05.09 06:42:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012.05.09 06:42:07 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012.05.09 06:42:01 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012.04.17 15:05:00 | 001,515,520 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll MOD - [2012.04.17 15:05:00 | 000,651,264 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe MOD - [2012.04.17 15:05:00 | 000,559,244 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll MOD - [2012.04.17 15:05:00 | 000,516,599 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll MOD - [2012.04.17 15:05:00 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetect.dll MOD - [2012.04.17 15:05:00 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll MOD - [2012.04.17 15:05:00 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll MOD - [2012.04.17 15:05:00 | 000,103,936 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll MOD - [2012.04.17 15:05:00 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.11.05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2007.05.10 14:18:10 | 000,835,584 | ---- | M] () -- C:\Windows\vsnp325.exe MOD - [2007.04.21 10:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe MOD - [2007.02.12 15:50:40 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe ========== Win32 Services (SafeList) ========== SRV - [2012.07.27 11:51:40 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.07.17 23:04:18 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.05.09 07:31:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.09 07:31:14 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2012.03.01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010.05.06 11:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2005.11.21 12:34:24 | 000,081,920 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE -- (AVM IGD CTRL Service) SRV - [2005.11.21 11:48:06 | 000,315,392 | ---- | M] (AVM Berlin) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\AVM\De_serv.exe -- (de_serv) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.05.09 07:31:14 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.09 07:31:14 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.09.16 17:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.08 04:00:41 | 000,416,032 | ---- | M] (TASCAM) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tus600_u.sys -- (TASCAM_US600_USB) DRV:64bit: - [2011.02.08 04:00:40 | 000,054,560 | ---- | M] (TASCAM) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tus600_a.sys -- (TASCAM_US600_WDM) DRV:64bit: - [2011.02.08 04:00:40 | 000,032,032 | ---- | M] (TASCAM) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tus600_m.sys -- (TASCAM_US600_MIDI) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.08.14 20:16:01 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin) DRV:64bit: - [2010.08.04 21:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:64bit: - [2010.06.25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:64bit: - [2010.05.12 17:40:14 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd) DRV:64bit: - [2009.11.01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:64bit: - [2009.09.29 08:15:02 | 000,016,384 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtpt64.sys -- (LgBttPort) DRV:64bit: - [2009.09.29 08:15:00 | 000,017,408 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgvmdm64.sys -- (LGVMODEM) DRV:64bit: - [2009.09.29 08:15:00 | 000,014,848 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtbs64.sys -- (lgbusenum) DRV:64bit: - [2009.08.06 00:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.28 17:47:38 | 000,033,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64k.sys -- (Point64) DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.05.14 03:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:64bit: - [2009.05.12 15:53:12 | 000,020,480 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FlashUSB_x64.sys -- (FlashUSB) DRV:64bit: - [2008.11.19 17:09:14 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem) DRV:64bit: - [2008.11.19 17:09:12 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag) DRV:64bit: - [2008.11.19 17:09:12 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus) DRV:64bit: - [2007.05.07 19:00:04 | 010,642,176 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp325.sys -- (SNP325) DRV:64bit: - [2007.04.16 21:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi) DRV:64bit: - [2006.11.16 16:58:46 | 000,031,248 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\synUSB64.sys -- (SynasUSB) DRV - [2010.03.18 03:03:42 | 000,005,632 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\StarOpen.sys -- (StarOpen) DRV - [2010.02.16 23:45:08 | 000,031,104 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS -- (HWiNFO32) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.05.12 15:53:12 | 000,020,480 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\FlashUsb_x64.sys -- (FlashUSB) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 49 E8 71 C7 18 B0 CA 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\ [2010.05.26 16:58:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.06.10 16:08:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.17 23:04:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.15 12:47:40 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.17 23:04:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.15 12:47:40 | 000,000,000 | ---D | M] [2011.08.25 15:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions [2011.08.25 15:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011.05.27 07:30:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de [2012.07.29 13:38:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions [2012.04.08 10:24:43 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2012.06.27 07:46:28 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2012.05.18 12:26:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011.03.24 14:35:19 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.06.27 07:48:10 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\https-everywhere@eff.org [2010.11.26 14:43:12 | 000,000,000 | ---D | M] ("BlackSheep") -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\rvl0z6x9.default\extensions\jsobrier@zscaler.com [2012.07.27 12:05:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012.07.17 23:04:18 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.07.15 12:47:35 | 000,378,880 | ---- | M] (InfiniAd GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll [2012.06.10 16:08:28 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2011.10.01 15:04:10 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml O1 HOSTS File: ([2012.02.26 10:43:30 | 000,441,415 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 15170 more lines... O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (SplitButtonBHO Class) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin) O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - InprocServer32 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {38542454-DFB6-44F5-B052-D4E071A3D073} - No CLSID value found. O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [snp325] C:\Windows\vsnp325.exe () O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe () O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [tsnp325] C:\Windows\tsnp325.exe () O4 - HKCU..\Run: [SkyDrive] C:\Users\PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) O4 - Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic.exe - Verknüpfung.lnk = C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe (www.bid-o-matic.org) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8:64bit: - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm () O8:64bit: - Extra context menu item: LG Link Air Option - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:64bit: - Extra context menu item: LG Link Air Save to Mobile Document Folder - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:64bit: - Extra context menu item: LG Link Air Save to Mobile Memo - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:64bit: - Extra context menu item: LG Link Air Save to Mobile Photo Album - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:64bit: - Extra context menu item: LG Link Air Set as Mobile Wallpaper - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm () O8 - Extra context menu item: LG Link Air Option - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Link Air Save to Mobile Document Folder - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Link Air Save to Mobile Memo - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Link Air Save to Mobile Photo Album - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Link Air Set as Mobile Wallpaper - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O9:64bit: - Extra Button: FRITZ!Box AddOn - {328ECD19-C167-40eb-A0C7-16FE7634105F} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\FRITZ!DSL\SARAH.DLL (AVM Berlin) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (Reg Error: Key error.) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD19B5BE-7C64-4AB8-9B5A-944A9C86D52D}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ipp - No CLSID value found O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.29 13:38:07 | 000,000,000 | ---D | C] -- C:\_OTL [2012.07.27 12:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.07.27 12:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle [2012.07.27 12:07:23 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.07.27 12:07:06 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.07.27 12:07:06 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.07.27 09:08:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.07.27 08:57:21 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\aaa_Logdateien [2012.07.27 07:29:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\vlc [2012.07.27 07:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.07.17 07:22:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlotSoft [2012.07.15 15:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.07.15 15:01:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.07.15 15:01:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.07.15 15:01:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.07.15 12:47:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\convert [2012.07.15 12:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript [2012.07.15 12:30:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gs [2012.07.15 12:28:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Scribus [2012.07.15 12:19:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\fontconfig [2012.07.15 12:19:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\gegl-0.2 [2012.07.15 12:19:41 | 000,000,000 | ---D | C] -- C:\Users\PC\.gimp-2.8 [2012.07.15 12:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2012.07.11 06:30:15 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.07.11 06:30:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.07.11 06:30:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.07.11 06:30:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.07.11 06:30:14 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.07.11 06:30:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.07.11 06:30:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.07.11 06:30:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.07.11 06:30:12 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.07.11 06:30:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.07.11 06:30:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.07.11 06:30:12 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.07.11 06:30:12 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.07.11 06:00:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012.07.11 06:00:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012.07.11 06:00:19 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.07.11 06:00:06 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.07.11 06:00:05 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2010.08.14 20:16:01 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\PC\AppData\Roaming\pcouffin.sys [2010.08.04 16:51:06 | 011,405,816 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Program Files (x86)\Videos schneiden.exe ========== Files - Modified Within 30 Days ========== [2012.07.29 15:26:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.29 13:54:52 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.29 13:54:52 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.29 13:46:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.29 13:46:38 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys [2012.07.29 13:45:44 | 000,002,788 | ---- | M] () -- C:\Users\PC\Documents\cc_20120729_134532.reg [2012.07.27 12:07:00 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.07.27 12:07:00 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.07.27 11:51:40 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.07.27 11:51:39 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.07.27 07:39:34 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.27 07:28:55 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.07.15 15:02:06 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.07.15 13:11:51 | 000,002,018 | ---- | M] () -- C:\Users\PC\Documents\cc_20120715_131149.reg [2012.07.12 22:58:54 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.07.11 06:48:21 | 000,355,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.05 22:06:48 | 000,227,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.07.05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.02 07:11:39 | 000,003,732 | ---- | M] () -- C:\Users\PC\Documents\cc_20120702_071128.reg ========== Files Created - No Company Name ========== [2012.07.29 13:45:34 | 000,002,788 | ---- | C] () -- C:\Users\PC\Documents\cc_20120729_134532.reg [2012.07.27 07:39:34 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.27 07:28:55 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.07.15 15:02:06 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.07.15 13:11:50 | 000,002,018 | ---- | C] () -- C:\Users\PC\Documents\cc_20120715_131149.reg [2012.07.02 07:11:29 | 000,003,732 | ---- | C] () -- C:\Users\PC\Documents\cc_20120702_071128.reg [2012.05.12 08:27:20 | 000,035,578 | ---- | C] () -- C:\Windows\wininit.ini [2012.03.03 11:06:39 | 000,393,256 | ---- | C] () -- C:\Windows\SysWow64\CNQ2414N.DAT [2012.02.29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.12.19 07:38:48 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll [2011.10.12 18:28:35 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys [2011.10.12 18:26:25 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg [2011.10.11 14:14:27 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll [2011.10.11 14:13:04 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2011.10.11 14:12:33 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2011.10.11 14:03:27 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe [2011.03.17 11:37:01 | 000,000,195 | ---- | C] () -- C:\Windows\cdplayer.ini [2010.12.30 11:47:40 | 000,005,536 | ---- | C] () -- C:\Users\PC\AppData\Roaming\mdbu.bin [2010.12.27 20:13:12 | 000,835,584 | ---- | C] () -- C:\Windows\vsnp325.exe [2010.12.27 20:13:12 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe [2010.12.27 20:13:12 | 000,147,456 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp325.dll [2010.12.27 20:13:12 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpx32.dll [2010.12.27 20:13:12 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini [2010.12.27 19:53:09 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe [2010.12.27 19:53:08 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnp325.dll [2010.12.27 19:53:08 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\csnp325.dll [2010.12.24 18:03:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.08.14 20:16:01 | 000,099,384 | ---- | C] () -- C:\Users\PC\AppData\Roaming\inst.exe [2010.08.14 20:16:01 | 000,007,859 | ---- | C] () -- C:\Users\PC\AppData\Roaming\pcouffin.cat [2010.08.14 20:16:01 | 000,001,167 | ---- | C] () -- C:\Users\PC\AppData\Roaming\pcouffin.inf [2010.08.14 19:58:16 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.08.11 21:33:56 | 000,000,017 | ---- | C] () -- C:\Users\PC\AppData\Local\resmon.resmoncfg [2010.02.19 17:22:48 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.02.19 17:22:48 | 000,000,008 | RHS- | C] () -- C:\ProgramData\0A3C2BC4D1.sys [2010.02.19 16:41:55 | 004,096,000 | ---- | C] () -- C:\Users\PC\FRITZ.Box_Fon_5140.AnnexB.43.04.67.image [2010.02.19 16:41:20 | 000,000,278 | ---- | C] () -- C:\Users\PC\plakat.pdf [2010.02.19 16:40:59 | 000,310,784 | ---- | C] () -- C:\Users\PC\Wochenbericht G-u-KBP.dot ========== LOP Check ========== [2010.10.28 10:02:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Audacity [2010.02.21 20:25:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Auslogics [2012.03.03 16:23:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Azureus [2010.02.19 17:54:55 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Canneverbe Limited [2012.03.03 11:09:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Canon [2012.07.15 12:47:40 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\convert [2012.04.06 13:21:14 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DVDVideoSoft [2011.03.24 17:45:03 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DVDVideoSoftIEHelpers [2011.11.05 09:50:56 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\elsterformular [2010.04.28 14:57:34 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FreeFLVConverter [2010.08.12 20:58:43 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FreeVideoConverter [2010.12.09 16:26:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FRITZ! [2011.08.25 20:00:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GARMIN [2010.11.17 21:13:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GetRightToGo [2011.05.27 15:42:59 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Haufe [2011.05.27 07:30:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Haufe Mediengruppe [2012.04.24 16:18:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\HTC [2012.04.24 16:20:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2010.10.17 12:13:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Leadertech [2010.09.28 17:09:26 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\LG Electronics [2011.10.11 14:19:14 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\MAGIX [2010.05.26 17:51:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ML [2010.10.28 12:20:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Music Editor Free [2010.10.17 12:48:38 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenCandy [2010.02.19 17:38:49 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenOffice.org [2011.05.29 09:19:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Panda Security [2010.09.11 11:38:21 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PersBackup5 [2011.02.10 17:01:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\pschmid.net [2012.07.08 14:28:34 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\QuickScan [2012.07.15 12:36:51 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Scribus [2011.10.12 18:48:55 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Steinberg [2011.05.29 09:18:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\SurfSecret Privacy Suite [2011.08.25 15:38:38 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TomTom [2010.11.11 20:28:56 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TrafficMonitor [2012.04.06 13:19:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Vso [2011.12.16 12:15:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\VST3 Presets [2012.07.11 07:28:10 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 29.07.2012 15:40:58 - Run 2
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\PC\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 60,29% Memory free
8,00 Gb Paging File | 6,15 Gb Available in Paging File | 76,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 367,62 Gb Free Space | 78,95% Space Free | Partition Type: NTFS
Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CA19AFF-E8BA-4F63-B564-ABEBD8BB538E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E0F723F-2200-463D-B346-3FCBF9F92E15}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2AB0F014-F3FA-444D-907B-C8DA2F5DEFCB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3093D4A2-6985-40B4-9DF0-8B1F7DBF391F}" = lport=445 | protocol=6 | dir=in | app=system |
"{31F9D71E-B52E-4DCC-857C-022037A3B7D2}" = lport=139 | protocol=6 | dir=in | app=system |
"{33D30A0C-7853-4A13-BB13-3FEA5445518B}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{35810557-1505-4670-A3CF-D162B362788A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{36C8ED95-DC42-438A-9645-AFFB53216DBF}" = rport=138 | protocol=17 | dir=out | app=system |
"{45B3998A-F58E-4C57-9D84-F2D54756E02F}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{473E977A-97FD-41BC-A8B1-D98DD6BB3D23}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5234CF93-EC21-4641-93F5-72865D97BD1D}" = rport=445 | protocol=6 | dir=out | app=system |
"{55834602-12E1-4138-B78D-90C1F3E16A44}" = lport=10244 | protocol=6 | dir=in | app=system |
"{5739DD9B-03DF-4B1B-9524-F39206E96166}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{58194209-13B5-45A9-AD97-02A0F3F64718}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5ABBAA5B-A45E-44E4-B93E-2100018C14F2}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61DDA960-DB60-4A72-B2B0-D091A4B87F94}" = lport=138 | protocol=17 | dir=in | app=system |
"{688D9EDB-2181-47B0-A213-11B060C9E5C5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6C0096F9-0D8D-47FE-831A-BE5CC7B5BAF8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7BA80F4E-7336-4CA4-B95E-CD6AEAE97B4E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{98C39C1D-61B0-4521-B0B0-ED0516699B92}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{993451DF-6D29-4D8C-850A-98508B46A2F6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9D7A2162-BE09-4696-B1A4-F8A85E17323D}" = rport=137 | protocol=17 | dir=out | app=system |
"{9F4A14A9-AB35-4E71-BD6B-A0B47A0086F8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A2D29E3D-BC02-40E5-846A-7D6E0424D924}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AEB388D0-70E6-4E95-8A8B-5846A51C0FE6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B1C6C485-6BA2-40D2-A8E1-76F55115AFBA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B27C9111-46E9-4EC5-9247-062B856E8F0C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BEB97C45-C97E-4243-B6C6-59E74D0F7BC3}" = rport=139 | protocol=6 | dir=out | app=system |
"{CF598BDE-8F0A-478D-B986-6CC42041A230}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D46D1F06-5D60-413F-9210-4F37D50805F1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E5866403-B3D0-4423-B926-4BAFF6144295}" = lport=3390 | protocol=6 | dir=in | app=system |
"{E7721098-473D-4D28-AF33-A125FBF26895}" = lport=80 | protocol=6 | dir=in | name=http |
"{F825B32F-9458-4E6E-B03D-4D7FDAD28DB1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FB35224C-856E-492C-B908-8C481052EC8E}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E48F17-4CAA-48AF-B7D5-BF5B8D433752}" = protocol=6 | dir=in | app=c:\users\pc\appdata\local\microsoft\skydrive\skydrive.exe |
"{04C0D250-AD8F-4893-B6A4-8D6BD676021A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{068908C6-F8D7-43D7-897B-16A7D25AE0D4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0DA5EFD8-EBD5-42F3-A692-F629405111D7}" = protocol=17 | dir=in | app=c:\program files (x86)\7-zip\7zfm.exe |
"{185FC758-2CA2-4A3A-A784-03361E65305F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{20D6BE7B-E9FA-4C26-B153-323C2F494BAB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2172C87D-0F87-44D9-BCCF-19D6AEED5228}" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!dsl\igdctrl.exe |
"{2C277C3D-290B-41A9-9722-FB9087715F02}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{2DBD8CBF-EF36-4488-A364-57CE114A3C81}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{2EE4772E-1B63-44DF-BF2A-9C04D3D237EC}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{30F863D6-8EED-424B-9F2F-1BA4A79F1424}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3723E059-9671-4AD5-81E7-98A316D6E89B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37D2D7F9-CFD0-471B-92B1-17520E59D88A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{40DEC8DF-10CA-46C5-9A4B-869DA6429892}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{45F9C0D9-9A73-4D0D-A888-235184808334}" = protocol=17 | dir=in | app=c:\users\pc\appdata\local\microsoft\skydrive\skydrive.exe |
"{48554E90-3C21-4E3D-A6D6-4A81F377F653}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{4886E396-8B77-4BBF-B8E5-B879D06CB17D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5080F639-C5D0-4AB9-8AF2-F6F8BF1C9377}" = protocol=6 | dir=out | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{6058CC66-DE8F-477A-8FFD-7F6ED076D3A6}" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!dsl\igdctrl.exe |
"{73ED72F1-18D0-40DE-A527-7A50F952CF5A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{76F47914-4ACD-4AB9-AE89-D35567D39725}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{7B223445-93E1-4A3E-988C-D7698824FDA9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{832A3DE0-7597-402E-A671-71E057ADEDC5}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{91B2A936-0F5A-47C7-B342-0B3C48A4E1B3}" = protocol=6 | dir=in | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{9219CB48-3D86-4FAD-B2D9-0B8064A658E6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9495A0CA-3A7A-45BE-8857-87B03FC486F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B4790ED-4270-4CF5-81E3-149170F66AF3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9DE10F78-07A5-4B6F-94DA-EF1D6125E91A}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{9EFE917D-7481-4735-A450-14675DF117FD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A0025C5E-E9C5-4E54-BA74-F204427C95EA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A80E790D-18B1-4553-B3F0-ECF68450076D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A8B4029E-FEDB-4F1F-8503-BD5ECD904F68}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ADA746FC-995A-4120-A998-2D111B623686}" = protocol=6 | dir=in | app=c:\program files (x86)\7-zip\7zfm.exe |
"{B69F9EC4-F498-44E5-A6E4-B31ACD0A8594}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BF301432-2F85-4E2D-B66D-AC06AB30D0EA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C082B9BD-B890-4F54-9E7A-F6C0C1D0FB41}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{C484DCFB-0551-4982-88C8-2B02EA5C8219}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CF1B650B-A858-4BE2-A409-0558B8026468}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D659D5B4-48E3-4BC8-A9A8-6BB689ED84EA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DDAF6C34-A84E-4BC3-8A5A-4727524CF636}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E21832C9-B86E-4008-BE9F-8AC1C0AFC5E7}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E271FBEB-5066-4470-95A7-93F2DDFCB398}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E6AA079C-D201-491D-A6AC-51722486CCCE}" = dir=in | app=%programfiles% (x86)\bitcomet\bitcomet.exe |
"{E7A6723C-DB07-4C54-BB5B-364B2C2D3D9C}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{E902E49D-BF64-4ACE-B67C-B2E917C1396A}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{E9984F1A-9E5B-4C2F-83D9-154D92D3C6A8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ED8B444C-7F1B-4FDB-A8DF-E21E38361CA3}" = protocol=6 | dir=out | app=system |
"{EEE3BA47-1F8D-4189-A871-6B9640DE7969}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F673C2A9-CA03-4E30-BBE1-883A409E72FD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F8026174-2251-45C0-8164-E5363CD54FFB}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{FC0AA08A-9968-436B-86FA-3E2EA625F05C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{3D8CA430-E59E-49D1-85D8-57A2E42A9ECC}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{5F8C5D00-9681-499A-B524-1FACD02A04DF}C:\program files (x86)\fritz!dsl\webwaigd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!dsl\webwaigd.exe |
"TCP Query User{84C246C1-B151-4EA7-A824-5295EC08B68C}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{886F1FB2-E341-4C0B-99FB-816140CD4A85}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"TCP Query User{93C118A2-3D9D-4218-92B1-20493638DCEA}C:\users\pc\downloads\alte downloads\cityville\cityvillebot\cvbot.exe" = protocol=6 | dir=in | app=c:\users\pc\downloads\alte downloads\cityville\cityvillebot\cvbot.exe |
"TCP Query User{99D4B6DB-F406-4065-9296-AC9F814A20F4}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{A2F59E22-0063-4BE8-87E8-CF2224D27C22}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{A8954309-E517-48D2-90F2-57563E428D4A}C:\users\pc\downloads\cityville\cityvillebot\cvbot.exe" = protocol=6 | dir=in | app=c:\users\pc\downloads\cityville\cityvillebot\cvbot.exe |
"TCP Query User{AED68D42-308C-42DA-9FA4-1C2689DD7E40}C:\users\pc\downloads\alte downloads\cityvillebot\cvbot.exe" = protocol=6 | dir=in | app=c:\users\pc\downloads\alte downloads\cityvillebot\cvbot.exe |
"TCP Query User{BFB31E0E-658B-4143-B7C7-4B4162A436F6}C:\program files (x86)\fritz!dsl\fboxupd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!dsl\fboxupd.exe |
"UDP Query User{1420F10E-9F68-485A-B293-8687312A75A5}C:\program files (x86)\fritz!dsl\webwaigd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!dsl\webwaigd.exe |
"UDP Query User{1A2BD9F9-79C7-4FE9-B8CE-ADEAA7A97366}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{2B71651B-2CAD-4594-BD0E-A10D61358453}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{534F82AE-11E7-4CAF-8315-1D80AD9A92A8}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{545181FB-2E81-4800-A5F7-33AB7CA39B11}C:\users\pc\downloads\alte downloads\cityvillebot\cvbot.exe" = protocol=17 | dir=in | app=c:\users\pc\downloads\alte downloads\cityvillebot\cvbot.exe |
"UDP Query User{80A8C5D5-62BB-44B0-A095-FCB939A9DB49}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{A3BDCA30-1B16-42BF-8E16-1698B9C7161A}C:\program files (x86)\fritz!dsl\fboxupd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!dsl\fboxupd.exe |
"UDP Query User{AEF23E1D-AB3C-4E4B-98D6-EB26A67FF655}C:\users\pc\downloads\alte downloads\cityville\cityvillebot\cvbot.exe" = protocol=17 | dir=in | app=c:\users\pc\downloads\alte downloads\cityville\cityvillebot\cvbot.exe |
"UDP Query User{C0E41729-B372-4B89-A274-36B601F9F49E}C:\users\pc\downloads\cityville\cityvillebot\cvbot.exe" = protocol=17 | dir=in | app=c:\users\pc\downloads\cityville\cityvillebot\cvbot.exe |
"UDP Query User{C7132DC0-626C-4E96-85F7-AF8984B12BD4}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414" = CanoScan LiDE 110 Scanner Driver
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}" = Regi
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.10
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C74A84EC-7C5F-4C36-A4A6-381E516D643B}" = Microsoft IntelliPoint 7.0
"{CFB4DE27-AEED-4B12-8A3C-A77EBF1AFDDD}" = AVM FRITZ!Box AddOn (IE) (x64)
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F0A36649-873E-4832-A5F1-BF5DF8600BDB}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"81AE60DDD229A248055515E311406D86F7E4012A" = Windows-Treiberpaket - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SP6" = Logitech SetPoint 6.15
"USB_AUDIO_DEusb-audio.deTascamUS600" = US-600 driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{0AF6CFBC-02CB-4B7F-B71D-7B1DBE8A5E7B}" = LG PC Suite II
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50C78780-1A54-4A5C-B3A7-FF828C62C5C2}" = Steinberg Cubase LE 5
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6816248D-510A-45F8-AC79-24FF2C3A5D7F}" = LG Android Platform Drivers
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F6E16CA-6157-4B67-962F-2B501A8C8EA6}" = Garmin Lifetime Updater
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C04D5974-F528-4347-A494-EAF56124CC1A}" = Steinberg HALionOne Essential Set
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML (Private Edition)
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = hama PC-Webcam RW-100
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"7-Zip" = 7-Zip 9.20
"AbcNavigator 2_is1" = AbcNavigator 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AP Tuner 3.08" = AP Tuner 3.08
"ASIO4ALL" = ASIO4ALL
"AudioCon" = AudioCon
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber MP3-Plugin (64 bit)
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"BestPractice" = BestPractice (remove only)
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"CanonSolutionMenuEX" = Canon Solution Menu EX
"cdrtools Frontend_is1" = cdrtfe 1.3.8
"eLicenser Control" = eLicenser Control
"ElsterFormular für Privatanwender 12.1.0.6164p" = ElsterFormular-Update
"ESET Online Scanner" = ESET Online Scanner v3
"Free FLV Converter_is1" = Free FLV Converter V 6.91.0
"Free Video Converter_is1" = Free Video Converter V 2.5
"FRITZ!DSL" = AVM FRITZ!DSL
"Guitar Pro 5_is1" = Guitar Pro 5.0
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HWiNFO32_is1" = HWiNFO32 Version 3.50
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"LG PC Suite IV" = LG PC Suite IV
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Personal Backup 5_is1" = Personal Backup 5.3
"RealPlayer 15.0" = RealPlayer
"SopCast" = SopCast 3.4.8
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.06.2012 07:21:57 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\SoftonicDownloader_fuer_windows-live-photo-gallery.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 01.07.2012 13:00:01 | Computer Name = PC-PC | Source = Windows Backup | ID = 4103
Description =
Error - 02.07.2012 23:51:21 | Computer Name = PC-PC | Source = Bonjour Service | ID = 100
Description = ERROR: mDNSPlatformReadTCP - recv: 10053
Error - 02.07.2012 23:51:21 | Computer Name = PC-PC | Source = Bonjour Service | ID = 100
Description = 476: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error - 12.07.2012 16:54:07 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\SoftonicDownloader_fuer_windows-live-photo-gallery.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 12.07.2012 16:54:09 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\SoftonicDownloader_fuer_pc-wizard.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 21.07.2012 01:39:42 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_265.exe,
Version: 11.3.300.265, Zeitstempel: 0x4febd5ac Name des fehlerhaften Moduls: unknown,
Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset:
0x00000000 ID des fehlerhaften Prozesses: 0x1198 Startzeit der fehlerhaften Anwendung:
0x01cd6700880aeab4 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 780febc5-d2f6-11e1-b3c6-90e6bac11b45
Error - 27.07.2012 06:11:40 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\SoftonicDownloader_fuer_pc-wizard.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 27.07.2012 06:11:40 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\SoftonicDownloader_fuer_windows-live-photo-gallery.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 27.07.2012 06:19:52 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\Drum
Computer\SoftonicDownloader_fuer_fl-studio.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
[ System Events ]
Error - 26.07.2012 13:03:19 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 13:03:31 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 13:03:41 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 13:03:51 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 13:04:01 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 23:53:10 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 23:53:20 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 23:53:30 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 26.07.2012 23:53:40 | Computer Name = PC-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den PC-PC\PC-Benutzer ("60") ist gleich oder größer als das durch
die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
Computer zu erhöhen.
Error - 29.07.2012 07:38:07 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
< End of report >
 |
|
30.07.2012, 07:29
| #6 | |
| /// Helfer-Team | Trojan.FakeMS und KillProc.A ► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche? 1. Zitat:
Code:
ATTFilter :OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - InprocServer32 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {38542454-DFB6-44F5-B052-D4E071A3D073} - No CLSID value found.
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
__________________ --> Trojan.FakeMS und KillProc.A |
|
30.07.2012, 19:43
| #7 |
| | Trojan.FakeMS und KillProc.A Der Rechner läuft ohne Probleme. Kein Absturz, keine bluescreen, nichts Auffälliges. Hier das Textdokument von OTL: Code:
ATTFilter All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\InprocServer32 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{38542454-DFB6-44F5-B052-D4E071A3D073} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38542454-DFB6-44F5-B052-D4E071A3D073}\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\PC\Downloads\cmd.bat deleted successfully.
C:\Users\PC\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: AppData
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: PC
->Temp folder emptied: 113693 bytes
->Temporary Internet Files folder emptied: 2241542 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 55351121 bytes
->Flash cache emptied: 506 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3040 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 190160 bytes
Total Files Cleaned = 55,00 mb
OTL by OldTimer - Version 3.2.55.0 log created on 07302012_203104
Files\Folders moved on Reboot...
C:\Users\PC\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
File C:\Users\PC\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
Registry entries deleted on Reboot...
|
|
31.07.2012, 08:05
| #8 | ||
| /// Helfer-Team | Trojan.FakeMS und KillProc.A ** Lass dein System in der nächste Zeit noch unter Beobachtung! wenn alles gut verlaufen ist und dein System läuft stabil,mache folgendes: 1. Programme deinstallieren/entfernen, die wir verwendet haben und nicht brauchst, bis auf: Code:
ATTFilter CCleaner
2. Tool-Bereinigung mit OTL Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
3. Windows legt beispielsweise regelmäßig Schattenkopien an (mindestens einmal täglich), die im Notfall zur Wiederherstellung des Systems und zum Zugriff auf ältere Dateiversionen dienen. Diese Funktion belegt sehr viel Speicherplatz. Standardmäßig beträgt der für Schattenkopien reservierte Speicherplatz 15 % der Volumegröße, so dass die Systemleistung auch beeinträchtigt wird. Außerdem gelöschte und ev. schädliche Objekte, die in der Systemwiederherstellung sitzen, müssen auch entfernt werden: Also mach bitte folgendes:
4. Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern (man sollte alle 3-4 Monate machen) z.B. Login-, Mail- oder Website-Passwörter Tipps: Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern) auch noch hier unter: Sicheres Kennwort (Password) 5. ► Schaue bitte nach, ob für Windows neue Update gibt?!:-> - Microsoft Update hält Ihren Computer auf dem neuesten Stand! Lesestoff Nr.1: Gib Kriminellen Handlungen keine Chance! Zitat:
** Der gesunde Menschenverstand, Windows und Internet-Software sicher konfigurieren ist der beste Weg zur Sicherheit im Webverkehr ist !! Zitat:
► Kann sich auf Dauer eine Menge Datenmüll ansammeln, sich Fehlermeldungen häufen, der PC ist wahrscheinlich nicht mehr so schnell, wie früher:
Wenn Du uns unterstützen möchtest→ Spendekonto gruß kira
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
| Themen zu Trojan.FakeMS und KillProc.A |
| administrator, aktion, andere probleme, anti-malware, antivir, appdata, autostart, candy, code, computer, dateien, diverse, eset, explorer, forum, gen, heute, killproc.a, logfiles, malwarebytes, opencandy, probleme, roaming, scan, service, speicher, trojan.fakems, trojaner, version, win32/killproc.a |
.
) Eine weitere höchst unsichere Quelle ist das File-Sharing der sog. (Musik-)Tauschbörse. 
Linear-Darstellung
