Log Analysis and Evaluation: SUISA Trojan

Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and Trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

08.08.2012, 14:10   #1
Hellvetica
 
SUISA Trojan



I caught the SUISA Trojan.. not on purpose

The log is below. What next?

OTL Logfile:
Code:
OTL logfile created on: 08.08.2012 14:49:42 - Run 1
OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\Tamy\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.40% Memory free
4.00 Gb Paging File | 3.08 Gb Available in Paging File | 77.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 228.14 Gb Total Space | 10.17 Gb Free Space | 4.46% Space Free | Partition Type: NTFS
Drive J: | 963.70 Mb Total Space | 859.83 Mb Free Space | 89.22% Space Free | Partition Type: FAT
 
Computer Name: OGOZ | User Name: Tamy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Tamy\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\PhotoSync\PhotoSync.exe (touchbyte GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
PRC - C:\Users\Tamy\Desktop\procexp.exe (Sysinternals)
PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7a684c3b60526afb62a0969ada9c94cd\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\d08e6e917f08ef674373576016969a20\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\2807b771372137d41fb8d392a878d0c7\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\1924bdaf130f882ceaf9d7b880602d22\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\096f1b3839e7d6dfe2598941329c08dc\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\acf4f694ab9c0b1802e83e5cd726812f\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f477a17590634925c583632d171e2726\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e360aa959e1b83be7026670d129c0a93\mscorlib.ni.dll ()
MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (2a398259849a3d2b) -- C:\Windows\System32\drivers\2a398259849a3d2b.sys ()
SRV - (syshost32) -- C:\Windows\Installer\{AE2851AF-9A95-D68E-F917-AF4AD7C292F2}\syshost.exe ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
SRV - (LMIGuardianSvc) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (afcdpsrv) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (AdobeActiveFileMonitor7.0) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Profi Business 2011b\WNt500x86\Sandra.sys File not found
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found
DRV - (2a398259849a3d2b) -- C:\Windows\System32\drivers\2a398259849a3d2b.sys ()
DRV - (TCPIP6) -- C:\Windows\System32\DRIVERS\tcpip.sys ()
DRV - (Tcpip) -- C:\Windows\System32\drivers\tcpip.sys ()
DRV - (upperdev) -- C:\Windows\System32\DRIVERS\usbser_lowerflt.sys ()
DRV - (mrxsmb10) -- C:\Windows\System32\DRIVERS\mrxsmb10.sys ()
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (Netaapl) -- C:\Windows\System32\DRIVERS\netaapl.sys ()
DRV - (srv) -- C:\Windows\System32\DRIVERS\srv.sys ()
DRV - (srv2) -- C:\Windows\System32\DRIVERS\srv2.sys ()
DRV - (srvnet) -- C:\Windows\System32\DRIVERS\srvnet.sys ()
DRV - (mrxsmb20) -- C:\Windows\System32\DRIVERS\mrxsmb20.sys ()
DRV - (mrxsmb) -- C:\Windows\System32\DRIVERS\mrxsmb.sys ()
DRV - (AFD) -- C:\Windows\System32\drivers\afd.sys ()
DRV - (usbhub) -- C:\Windows\System32\DRIVERS\usbhub.sys ()
DRV - (usbccgp) -- C:\Windows\System32\DRIVERS\usbccgp.sys ()
DRV - (usbehci) -- C:\Windows\System32\DRIVERS\usbehci.sys ()
DRV - (usbohci) -- C:\Windows\System32\drivers\usbohci.sys ()
DRV - (usbuhci) -- C:\Windows\System32\DRIVERS\usbuhci.sys ()
DRV - (Ntfs) -- C:\Windows\System32\drivers\ntfs.sys ()
DRV - (USBSTOR) -- C:\Windows\System32\DRIVERS\USBSTOR.SYS ()
DRV - (bowser) -- C:\Windows\System32\DRIVERS\bowser.sys ()
DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys ()
DRV - (volsnap) -- C:\Windows\System32\drivers\volsnap.sys ()
DRV - (volmgr) -- C:\Windows\System32\drivers\volmgr.sys ()
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys ()
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys ()
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys ()
DRV - (vhdmp) -- C:\Windows\System32\drivers\vhdmp.sys ()
DRV - (TermDD) -- C:\Windows\System32\drivers\termdd.sys ()
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys ()
DRV - (sbp2port) -- C:\Windows\System32\drivers\sbp2port.sys ()
DRV - (NDIS) -- C:\Windows\System32\drivers\ndis.sys ()
DRV - (pci) -- C:\Windows\System32\drivers\pci.sys ()
DRV - (partmgr) -- C:\Windows\System32\drivers\partmgr.sys ()
DRV - (iScsiPrt) -- C:\Windows\System32\drivers\msiscsi.sys ()
DRV - (msdsm) -- C:\Windows\System32\drivers\msdsm.sys ()
DRV - (mpio) -- C:\Windows\System32\drivers\mpio.sys ()
DRV - (msahci) -- C:\Windows\System32\drivers\msahci.sys ()
DRV - (mountmgr) -- C:\Windows\System32\drivers\mountmgr.sys ()
DRV - (KSecDD) -- C:\Windows\System32\Drivers\ksecdd.sys ()
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys ()
DRV - (DXGKrnl) -- C:\Windows\System32\drivers\dxgkrnl.sys ()
DRV - (ACPI) -- C:\Windows\System32\drivers\ACPI.sys ()
DRV - (fvevol) -- C:\Windows\System32\DRIVERS\fvevol.sys ()
DRV - (RDPDR) -- C:\Windows\System32\drivers\rdpdr.sys ()
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\tsusbflt.sys ()
DRV - (RDPWD) -- C:\Windows\System32\drivers\rdpwd.sys ()
DRV - (tssecsrv) -- C:\Windows\System32\DRIVERS\tssecsrv.sys ()
DRV - (RDPCDD) -- C:\Windows\System32\DRIVERS\RDPCDD.sys ()
DRV - (TDTCP) -- C:\Windows\System32\drivers\tdtcp.sys ()
DRV - (TDPIPE) -- C:\Windows\System32\drivers\tdpipe.sys ()
DRV - (NdisWan) -- C:\Windows\System32\DRIVERS\ndiswan.sys ()
DRV - (Wanarpv6) -- C:\Windows\System32\DRIVERS\wanarp.sys ()
DRV - (WANARP) -- C:\Windows\System32\DRIVERS\wanarp.sys ()
DRV - (NDProxy) -- C:\Windows\System32\drivers\ndproxy.sys ()
DRV - (tcpipreg) -- C:\Windows\System32\drivers\tcpipreg.sys ()
DRV - (tunnel) -- C:\Windows\System32\DRIVERS\tunnel.sys ()
DRV - (Ndisuio) -- C:\Windows\System32\DRIVERS\ndisuio.sys ()
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys ()
DRV - (umbus) -- C:\Windows\System32\drivers\umbus.sys ()
DRV - (HdAudAddService) -- C:\Windows\System32\drivers\HdAudio.sys ()
DRV - (usbser) -- C:\Windows\System32\drivers\usbser.sys ()
DRV - (usbaudio) -- C:\Windows\System32\drivers\usbaudio.sys ()
DRV - (WinUsb) -- C:\Windows\System32\DRIVERS\WinUsb.sys ()
DRV - (HidUsb) -- C:\Windows\System32\DRIVERS\hidusb.sys ()
DRV - (WUDFRd) -- C:\Windows\System32\DRIVERS\WUDFRd.sys ()
DRV - (WudfPf) -- C:\Windows\System32\drivers\WudfPf.sys ()
DRV - (sffp_sd) -- C:\Windows\System32\drivers\sffp_sd.sys ()
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys ()
DRV - (kbdhid) -- C:\Windows\System32\drivers\kbdhid.sys ()
DRV - (AppID) -- C:\Windows\System32\drivers\appid.sys ()
DRV - (scfilter) -- C:\Windows\System32\DRIVERS\scfilter.sys ()
DRV - (IPMIDRV) -- C:\Windows\System32\drivers\IPMIDrv.sys ()
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys ()
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys ()
DRV - (AcpiPmi) -- C:\Windows\System32\drivers\acpipmi.sys ()
DRV - (CSC) -- C:\Windows\System32\drivers\csc.sys ()
DRV - (rdbss) -- C:\Windows\System32\DRIVERS\rdbss.sys ()
DRV - (MRxDAV) -- C:\Windows\System32\drivers\mrxdav.sys ()
DRV - (DfsC) -- C:\Windows\System32\Drivers\dfsc.sys ()
DRV - (udfs) -- C:\Windows\System32\DRIVERS\udfs.sys ()
DRV - (HTTP) -- C:\Windows\System32\drivers\HTTP.sys ()
DRV - (NetBT) -- C:\Windows\System32\DRIVERS\netbt.sys ()
DRV - (tdx) -- C:\Windows\System32\DRIVERS\tdx.sys ()
DRV - (cdrom) -- C:\Windows\System32\drivers\cdrom.sys ()
DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys ()
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\RaInfo.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (vmm) -- C:\Windows\System32\Drivers\vmm.sys ()
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys ()
DRV - (UsbserFilt) -- C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys ()
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys ()
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys ()
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys ()
DRV - (afcdp) -- C:\Windows\System32\DRIVERS\afcdp.sys ()
DRV - (tdrpman258) -- C:\Windows\System32\DRIVERS\tdrpm258.sys ()
DRV - (timounter) -- C:\Windows\System32\DRIVERS\timntr.sys ()
DRV - (snapman) -- C:\Windows\System32\DRIVERS\snapman.sys ()
DRV - (FTDIBUS) -- C:\Windows\System32\drivers\ftdibus.sys ()
DRV - (FTSER2K) -- C:\Windows\System32\drivers\ftser2k.sys ()
DRV - (LVPr2Mon) -- C:\Windows\System32\DRIVERS\LVPr2Mon.sys ()
DRV - (CLFS) -- C:\Windows\System32\CLFS.sys ()
DRV - (Compbatt) -- C:\Windows\System32\DRIVERS\compbatt.sys ()
DRV - (agp440) -- C:\Windows\System32\drivers\agp440.sys ()
DRV - (atapi) -- C:\Windows\System32\drivers\atapi.sys ()
DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys ()
DRV - (pciide) -- C:\Windows\System32\drivers\pciide.sys ()
DRV - (MsRPC) -- C:\Windows\System32\drivers\msrpc.sys ()
DRV - (nv_agp) -- C:\Windows\System32\drivers\nv_agp.sys ()
DRV - (Mup) -- C:\Windows\System32\Drivers\mup.sys ()
DRV - (mouclass) -- C:\Windows\System32\drivers\mouclass.sys ()
DRV - (mssmbios) -- C:\Windows\System32\drivers\mssmbios.sys ()
DRV - (msisadrv) -- C:\Windows\System32\drivers\msisadrv.sys ()
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys ()
DRV - (isapnp) -- C:\Windows\System32\drivers\isapnp.sys ()
DRV - (kbdclass) -- C:\Windows\System32\drivers\kbdclass.sys ()
DRV - (intelide) -- C:\Windows\System32\drivers\intelide.sys ()
DRV - (FltMgr) -- C:\Windows\System32\drivers\fltmgr.sys ()
DRV - (FileInfo) -- C:\Windows\System32\drivers\fileinfo.sys ()
DRV - (gagp30kx) -- C:\Windows\System32\DRIVERS\gagp30kx.sys ()
DRV - (FsDepends) -- C:\Windows\System32\drivers\FsDepends.sys ()
DRV - (crcdisk) -- C:\Windows\System32\DRIVERS\crcdisk.sys ()
DRV - (Fs_Rec) -- C:\Windows\System32\drivers\fs_rec.sys ()
DRV - (Disk) -- C:\Windows\System32\DRIVERS\disk.sys ()
DRV - (volmgrx) -- C:\Windows\System32\drivers\volmgrx.sys ()
DRV - (uliagpkx) -- C:\Windows\System32\drivers\uliagpkx.sys ()
DRV - (Wd) -- C:\Windows\System32\DRIVERS\wd.sys ()
DRV - (Wdf01000) -- C:\Windows\System32\drivers\Wdf01000.sys ()
DRV - (uagp35) -- C:\Windows\System32\DRIVERS\uagp35.sys ()
DRV - (viaagp) -- C:\Windows\System32\drivers\viaagp.sys ()
DRV - (vdrvroot) -- C:\Windows\System32\drivers\vdrvroot.sys ()
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys ()
DRV - (swenum) -- C:\Windows\System32\drivers\swenum.sys ()
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys ()
DRV - (pcmcia) -- C:\Windows\System32\DRIVERS\pcmcia.sys ()
DRV - (spldr) -- C:\Windows\System32\drivers\spldr.sys ()
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys ()
DRV - (PEAUTH) -- C:\Windows\System32\drivers\peauth.sys ()
DRV - (usbprint) -- C:\Windows\System32\DRIVERS\usbprint.sys ()
DRV - (StillCam) -- C:\Windows\System32\DRIVERS\serscan.sys ()
DRV - (usbscan) -- C:\Windows\System32\DRIVERS\usbscan.sys ()
DRV - (rdpbus) -- C:\Windows\System32\DRIVERS\rdpbus.sys ()
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\rdprefmp.sys ()
DRV - (RDPENCDD) -- C:\Windows\System32\drivers\rdpencdd.sys ()
DRV - (Modem) -- C:\Windows\System32\drivers\modem.sys ()
DRV - (ws2ifsl) -- C:\Windows\System32\drivers\ws2ifsl.sys ()
DRV - (RasAgileVpn) -- C:\Windows\System32\DRIVERS\AgileVpn.sys ()
DRV - (RasSstp) -- C:\Windows\System32\DRIVERS\rassstp.sys ()
DRV - (RasPppoe) -- C:\Windows\System32\DRIVERS\raspppoe.sys ()
DRV - (PptpMiniport) -- C:\Windows\System32\DRIVERS\raspptp.sys ()
DRV - (AsyncMac) -- C:\Windows\System32\DRIVERS\asyncmac.sys ()
DRV - (RasAcd) -- C:\Windows\System32\DRIVERS\rasacd.sys ()
DRV - (Rasl2tp) -- C:\Windows\System32\DRIVERS\rasl2tp.sys ()
DRV - (IPNAT) -- C:\Windows\System32\drivers\ipnat.sys ()
DRV - (IpFilterDriver) -- C:\Windows\System32\DRIVERS\ipfltdrv.sys ()
DRV - (NdisTapi) -- C:\Windows\System32\DRIVERS\ndistapi.sys ()
DRV - (QWAVEdrv) -- C:\Windows\System32\drivers\qwavedrv.sys ()
DRV - (Psched) -- C:\Windows\System32\DRIVERS\pacer.sys ()
DRV - (NetBIOS) -- C:\Windows\System32\DRIVERS\netbios.sys ()
DRV - (WfpLwf) -- C:\Windows\System32\DRIVERS\wfplwf.sys ()
DRV - (Smb) -- C:\Windows\System32\DRIVERS\smb.sys ()
DRV - (IRENUM) -- C:\Windows\System32\drivers\irenum.sys ()
DRV - (rspndr) -- C:\Windows\System32\DRIVERS\rspndr.sys ()
DRV - (lltdio) -- C:\Windows\System32\DRIVERS\lltdio.sys ()
DRV - (mpsdrv) -- C:\Windows\System32\drivers\mpsdrv.sys ()
DRV - (NdisCap) -- C:\Windows\System32\DRIVERS\ndiscap.sys ()
DRV - (NativeWifiP) -- C:\Windows\System32\DRIVERS\nwifi.sys ()
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys ()
DRV - (UmPass) -- C:\Windows\System32\DRIVERS\umpass.sys ()
DRV - (BTHMODEM) -- C:\Windows\System32\DRIVERS\bthmodem.sys ()
DRV - (HidBth) -- C:\Windows\System32\DRIVERS\hidbth.sys ()
DRV - (ohci1394) -- C:\Windows\System32\drivers\ohci1394.sys ()
DRV - (usbcir) -- C:\Windows\System32\drivers\usbcir.sys ()
DRV - (circlass) -- C:\Windows\System32\DRIVERS\circlass.sys ()
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys ()
DRV - (HidIr) -- C:\Windows\System32\DRIVERS\hidir.sys ()
DRV - (drmkaud) -- C:\Windows\System32\drivers\drmkaud.sys ()
DRV - (MTConfig) -- C:\Windows\System32\DRIVERS\MTConfig.sys ()
DRV - (WacomPen) -- C:\Windows\System32\DRIVERS\wacompen.sys ()
DRV - (sfloppy) -- C:\Windows\System32\DRIVERS\sfloppy.sys ()
DRV - (sffp_mmc) -- C:\Windows\System32\drivers\sffp_mmc.sys ()
DRV - (sffdisk) -- C:\Windows\System32\drivers\sffdisk.sys ()
DRV - (fdc) -- C:\Windows\System32\DRIVERS\fdc.sys ()
DRV - (flpydisk) -- C:\Windows\System32\DRIVERS\flpydisk.sys ()
DRV - (Parport) -- C:\Windows\System32\DRIVERS\parport.sys ()
DRV - (Serial) -- C:\Windows\System32\DRIVERS\serial.sys ()
DRV - (Parvdm) -- C:\Windows\System32\DRIVERS\parvdm.sys ()
DRV - (Serenum) -- C:\Windows\System32\DRIVERS\serenum.sys ()
DRV - (mouhid) -- C:\Windows\System32\DRIVERS\mouhid.sys ()
DRV - (sermouse) -- C:\Windows\System32\DRIVERS\sermouse.sys ()
DRV - (MSKSSRV) -- C:\Windows\System32\drivers\MSKSSRV.sys ()
DRV - (MSTEE) -- C:\Windows\System32\drivers\MSTEE.sys ()
DRV - (MSPCLOCK) -- C:\Windows\System32\drivers\MSPCLOCK.sys ()
DRV - (MSPQM) -- C:\Windows\System32\drivers\MSPQM.sys ()
DRV - (Beep) -- C:\Windows\System32\drivers\beep.sys ()
DRV - (monitor) -- C:\Windows\System32\DRIVERS\monitor.sys ()
DRV - (VgaSave) -- C:\Windows\System32\drivers\vga.sys ()
DRV - (vga) -- C:\Windows\System32\DRIVERS\vgapnp.sys ()
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys ()
DRV - (blbdrive) -- C:\Windows\System32\DRIVERS\blbdrive.sys ()
DRV - (HidBatt) -- C:\Windows\System32\DRIVERS\HidBatt.sys ()
DRV - (ErrDev) -- C:\Windows\System32\drivers\errdev.sys ()
DRV - (CmBatt) -- C:\Windows\System32\DRIVERS\CmBatt.sys ()
DRV - (WmiAcpi) -- C:\Windows\System32\drivers\wmiacpi.sys ()
DRV - (luafv) -- C:\Windows\System32\drivers\luafv.sys ()
DRV - (Filetrace) -- C:\Windows\System32\drivers\filetrace.sys ()
DRV - (exfat) -- C:\Windows\System32\drivers\exfat.sys ()
DRV - (fastfat) -- C:\Windows\System32\drivers\fastfat.sys ()
DRV - (nsiproxy) -- C:\Windows\System32\drivers\nsiproxy.sys ()
DRV - (Npfs) -- C:\Windows\System32\drivers\npfs.sys ()
DRV - (Msfs) -- C:\Windows\System32\drivers\msfs.sys ()
DRV - (i8042prt) -- C:\Windows\System32\drivers\i8042prt.sys ()
DRV - (cdfs) -- C:\Windows\System32\DRIVERS\cdfs.sys ()
DRV - (Null) -- C:\Windows\System32\drivers\null.sys ()
DRV - (AmdK8) -- C:\Windows\System32\DRIVERS\amdk8.sys ()
DRV - (intelppm) -- C:\Windows\System32\DRIVERS\intelppm.sys ()
DRV - (ViaC7) -- C:\Windows\System32\DRIVERS\viac7.sys ()
DRV - (AmdPPM) -- C:\Windows\System32\DRIVERS\amdppm.sys ()
DRV - (Processor) -- C:\Windows\System32\DRIVERS\processr.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys ()
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.SYS ()
DRV - (sscemdm) -- C:\Windows\System32\DRIVERS\sscemdm.sys ()
DRV - (sscebus) -- C:\Windows\System32\DRIVERS\sscebus.sys ()
DRV - (sscemdfl) -- C:\Windows\System32\DRIVERS\sscemdfl.sys ()
DRV - (PCD5SRVC{3F6A8B78-EC003E00-05040104}) -- C:\Program Files\Dell Support Center\HWDiag\bin\pcd5srvc.pkms (PC-Doctor, Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\DRIVERS\pccsmcfd.sys ()
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys ()
DRV - (LVRS) -- C:\Windows\System32\DRIVERS\lvrs.sys ()
DRV - (PID_PEPI) -- C:\Windows\System32\DRIVERS\LV302V32.SYS ()
DRV - (pepifilter) -- C:\Windows\System32\DRIVERS\lv302af.sys ()
DRV - (acehlp10) -- C:\Windows\System32\drivers\acehlp10.sys ()
DRV - (acedrv10) -- C:\Windows\System32\drivers\acedrv10.sys ()
DRV - (Ser2pl) -- C:\Windows\System32\DRIVERS\ser2pl.sys ()
DRV - (VPCNetS2) -- C:\Windows\System32\DRIVERS\VMNetSrv.sys ()
DRV - (hcwPP2) -- C:\Windows\System32\DRIVERS\hcwPP2.sys ()
DRV - (Afc) -- C:\Windows\System32\drivers\Afc.sys ()
DRV - (NCPro) -- C:\Windows\System32\drivers\MTictwl.sys ()
DRV - (MagicTune) -- C:\Windows\System32\drivers\MTiCtwl.sys ()
DRV - (APL531) -- C:\Windows\System32\Drivers\ov550i.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9F 03 6C 66 A8 5F CA 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {DA811823-1447-45ED-8C46-2E445437545A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=U66n3_68v5dXXGPEP3-mUQI8NMQ?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes\{DA811823-1447-45ED-8C46-2E445437545A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7GGLD_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.04.11 20:38:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.20 13:19:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.04.11 20:38:48 | 000,000,000 | ---D | M]
 
[2010.07.07 21:26:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [PhotoSync] C:\Program Files\PhotoSync\PhotoSync.exe (touchbyte GmbH)
O4 - Startup: C:\Users\Tamy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explorer.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35E6E443-3C1D-4817-8757-12DB1A7C617C}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GO36F4~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.08 14:47:03 | 003,564,584 | ---- | C] (Sysinternals) -- C:\Users\Tamy\Desktop\procexp.exe
[2012.08.08 14:39:49 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Tamy\Desktop\OTL.exe
[2012.08.08 14:00:37 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.08.08 11:24:11 | 000,000,000 | ---D | C] -- C:\Users\Tamy\Odd.Jobs.XXX.BDRip.XviD
[2012.08.08 11:18:47 | 000,000,000 | ---D | C] -- C:\Users\Tamy\Babes.12.07.12.Sally.Charles.XXX.1080p.MP4-VSEX[rbg]
[2012.08.05 11:33:25 | 000,000,000 | ---D | C] -- C:\Users\Tamy\Desktop\Progressive Trance May 2011
[2012.08.05 11:32:37 | 000,000,000 | ---D | C] -- C:\Users\Tamy\Desktop\Terminal_1
[2012.08.05 11:20:08 | 000,000,000 | ---D | C] -- C:\Users\Tamy\Desktop\XaU Session 22 [Prog Psy]
[2012.08.05 11:09:27 | 000,000,000 | ---D | C] -- C:\Users\Tamy\Desktop\1Goa_Proggy_(Selection_of_Progressive_Psychedelic_Trance)
[2012.08.05 11:08:38 | 000,000,000 | ---D | C] -- C:\Users\Tamy\Desktop\Erosion-Compiled_By_DJ_BigZ-2012
[2012.08.05 11:08:22 | 000,000,000 | ---D | C] -- C:\Users\Tamy\Desktop\Carrots_And_Stick_Vol._2-2CD
[2012.07.14 10:52:20 | 000,000,000 | ---D | C] -- C:\Users\Tamy\Desktop\Weltbildlapalma11_mcf-Dateien - Kopie
[2012.07.14 10:52:08 | 000,000,000 | ---D | C] -- C:\Users\Tamy\Desktop\Weltbild
[2012.07.14 10:49:34 | 000,000,000 | ---D | C] -- C:\Users\Tamy\Desktop\pasci
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.08 14:43:11 | 000,704,368 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.08 14:43:11 | 000,665,644 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.08 14:43:11 | 000,148,674 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.08 14:43:11 | 000,124,898 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.08 14:33:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Tamy\Desktop\OTL.exe
[2012.08.08 14:21:11 | 000,026,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.08 14:21:11 | 000,026,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.08 14:07:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.08 14:07:51 | 1609,154,560 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.08 13:59:11 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.08 12:51:24 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.08 11:24:19 | 000,000,806 | ---- | M] () -- C:\Users\Tamy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explorer.lnk
[2012.08.08 11:23:09 | 000,069,120 | ---- | M] () -- C:\Windows\System32\drivers\2a398259849a3d2b.sys
[2012.08.07 16:00:55 | 245,552,030 | ---- | M] () -- C:\Users\Tamy\Desktop\Come Fly with me.avi
[2012.08.06 14:10:03 | 002,269,449 | ---- | M] () -- C:\Users\Tamy\Desktop\Andenken.pdf
[2012.08.06 14:09:04 | 000,933,974 | ---- | M] () -- C:\Users\Tamy\Desktop\Z2.pdf
[2012.08.06 14:05:16 | 001,632,065 | ---- | M] () -- C:\Users\Tamy\Desktop\Z1.pdf
[2012.08.04 14:58:13 | 000,321,706 | ---- | M] () -- C:\Users\Tamy\Desktop\IMG_NEW.jpg
[2012.07.29 14:37:08 | 000,214,112 | ---- | M] () -- C:\Users\Tamy\Desktop\1440_George%20Cloony.jpg
[2012.07.29 14:27:04 | 000,027,883 | ---- | M] () -- C:\Users\Tamy\Desktop\nespresso021-2.jpg
[2012.07.29 14:26:22 | 000,095,477 | ---- | M] () -- C:\Users\Tamy\Desktop\George-Clooney-Nespresso.jpg
[2012.07.29 14:23:18 | 000,031,787 | ---- | M] () -- C:\Users\Tamy\Desktop\nestls-superstar-12300-nespresso-kapseln-pro-minute-104798401.jpg
[2012.07.29 14:19:15 | 000,052,559 | ---- | M] () -- C:\Users\Tamy\Desktop\Unbenannt.png
[2012.07.29 14:18:00 | 000,005,287 | ---- | M] () -- C:\Users\Tamy\Desktop\imagesCA81H3O2.jpg
[2012.07.29 14:16:03 | 000,004,655 | ---- | M] () -- C:\Users\Tamy\Desktop\imagesCAZX9DD1.jpg
[2012.07.29 14:11:06 | 000,002,772 | ---- | M] () -- C:\Users\Tamy\Desktop\imagesCA04EOQZ.jpg
[2012.07.29 14:07:37 | 000,383,890 | ---- | M] () -- C:\Users\Tamy\Desktop\George%20Clooney%20Wallpapers%2011.jpg
[2012.07.21 14:42:42 | 000,002,569 | ---- | M] () -- C:\Users\Public\Desktop\PhotoSync.lnk
[2012.07.14 11:36:19 | 000,064,463 | ---- | M] () -- C:\Users\Tamy\Desktop\london.jpg
[2012.07.14 11:13:40 | 000,042,751 | ---- | M] () -- C:\Users\Tamy\Desktop\luchs.htm
[2012.07.14 11:10:50 | 000,042,091 | ---- | M] () -- C:\Users\Tamy\Desktop\sadhu.htm
[2012.07.14 11:01:37 | 000,085,697 | ---- | M] () -- C:\Users\Tamy\Desktop\5.jpg
[2012.07.14 08:34:25 | 000,081,920 | ---- | M] () -- C:\Users\Tamy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.11 22:14:34 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.08 12:51:24 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.08 11:23:53 | 000,000,806 | ---- | C] () -- C:\Users\Tamy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explorer.lnk
[2012.08.08 11:23:09 | 000,069,120 | ---- | C] () -- C:\Windows\System32\drivers\2a398259849a3d2b.sys
[2012.08.07 13:56:15 | 245,552,030 | ---- | C] () -- C:\Users\Tamy\Desktop\Come Fly with me.avi
[2012.08.06 14:10:09 | 002,269,449 | ---- | C] () -- C:\Users\Tamy\Desktop\Andenken.pdf
[2012.08.06 14:09:20 | 000,933,974 | ---- | C] () -- C:\Users\Tamy\Desktop\Z2.pdf
[2012.08.06 14:08:31 | 001,632,065 | ---- | C] () -- C:\Users\Tamy\Desktop\Z1.pdf
[2012.08.04 14:58:11 | 000,321,706 | ---- | C] () -- C:\Users\Tamy\Desktop\IMG_NEW.jpg
[2012.07.29 14:37:34 | 000,214,112 | ---- | C] () -- C:\Users\Tamy\Desktop\1440_George%20Cloony.jpg
[2012.07.29 14:27:13 | 000,027,883 | ---- | C] () -- C:\Users\Tamy\Desktop\nespresso021-2.jpg
[2012.07.29 14:26:40 | 000,095,477 | ---- | C] () -- C:\Users\Tamy\Desktop\George-Clooney-Nespresso.jpg
[2012.07.29 14:23:29 | 000,031,787 | ---- | C] () -- C:\Users\Tamy\Desktop\nestls-superstar-12300-nespresso-kapseln-pro-minute-104798401.jpg
[2012.07.29 14:19:15 | 000,052,559 | ---- | C] () -- C:\Users\Tamy\Desktop\Unbenannt.png
[2012.07.29 14:18:16 | 000,005,287 | ---- | C] () -- C:\Users\Tamy\Desktop\imagesCA81H3O2.jpg
[2012.07.29 14:16:26 | 000,004,655 | ---- | C] () -- C:\Users\Tamy\Desktop\imagesCAZX9DD1.jpg
[2012.07.29 14:11:27 | 000,002,772 | ---- | C] () -- C:\Users\Tamy\Desktop\imagesCA04EOQZ.jpg
[2012.07.29 14:07:59 | 000,383,890 | ---- | C] () -- C:\Users\Tamy\Desktop\George%20Clooney%20Wallpapers%2011.jpg
[2012.07.14 11:36:31 | 000,064,463 | ---- | C] () -- C:\Users\Tamy\Desktop\london.jpg
[2012.07.14 11:13:39 | 000,042,751 | ---- | C] () -- C:\Users\Tamy\Desktop\luchs.htm
[2012.07.14 11:10:50 | 000,042,091 | ---- | C] () -- C:\Users\Tamy\Desktop\sadhu.htm
[2012.07.14 11:01:48 | 000,085,697 | ---- | C] () -- C:\Users\Tamy\Desktop\5.jpg
[2012.07.14 10:52:20 | 000,046,072 | ---- | C] () -- C:\Users\Tamy\Desktop\Weltbildlapalma2 - Kopie.mcf
[2012.05.30 10:00:58 | 000,160,596 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012.05.23 09:07:31 | 160,022,469 | ---- | C] () -- C:\Users\Tamy\C.mp4x
[2012.05.21 19:10:55 | 1711,678,176 | ---- | C] () -- C:\Users\Tamy\Adobe Photoshop Elements 10.exe
[2012.05.01 13:29:06 | 087,183,143 | ---- | C] () -- C:\Users\Tamy\bitreactor.to_Ivy_Quainoo_-_Ivy-2012.rar
[2012.04.26 11:51:12 | 077,075,346 | ---- | C] () -- C:\Users\Tamy\bitreactor.to_Guano_Apes_-_Bel_Air-2011-YSP.rar
[2012.03.09 21:54:31 | 070,038,292 | ---- | C] () -- C:\Users\Tamy\bitreactor.to_Andrea_Berg.rar
[2012.02.15 11:01:50 | 000,043,520 | ---- | C] () -- C:\Windows\System32\drivers\usbaapl.sys
[2012.02.14 16:45:19 | 076,431,695 | ---- | C] () -- C:\Users\Tamy\bitreactor.to_Helene_Fischer-Fuer_Einen_Tag.rar
[2012.02.09 13:12:20 | 000,001,318 | ---- | C] () -- C:\Windows\System32\.ini
[2012.02.07 11:51:16 | 057,267,870 | ---- | C] () -- C:\Users\Tamy\Dr Arnd Stein -Sebstbewusstsein stärken-Seedet for www.bitreactor.to.rar
[2012.02.07 11:48:00 | 028,254,897 | ---- | C] () -- C:\Users\Tamy\Arndt Stein - Autogenes Training -  Konzentration Steigern.rar
[2012.01.11 16:56:28 | 000,124,546 | ---- | C] () -- C:\Users\Tamy\Medizin - Anleitung Autogenes Training.rar
[2011.12.15 15:36:28 | 002,342,912 | ---- | C] () -- C:\Windows\System32\win32k.sys
[2011.12.15 15:35:55 | 000,038,912 | ---- | C] () -- C:\Windows\System32\csrsrv.dll
[2011.12.15 15:35:51 | 003,967,856 | ---- | C] () -- C:\Windows\System32\ntkrnlpa.exe
[2011.11.09 20:54:39 | 001,290,608 | ---- | C] () -- C:\Windows\System32\drivers\tcpip.sys
[2011.10.23 14:32:03 | 001,642,605 | ---- | C] () -- C:\Users\Tamy\CorePlayer PPC 1.3.6 full.rar
[2011.10.17 18:59:03 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.10.01 17:20:30 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2011.08.17 10:56:30 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\usbser_lowerflt.sys
[2011.08.10 21:09:50 | 000,223,744 | ---- | C] () -- C:\Windows\System32\drivers\mrxsmb10.sys
[2011.07.10 17:34:34 | 000,026,600 | ---- | C] () -- C:\Windows\System32\drivers\GEARAspiWDM.sys
[2011.07.09 11:26:09 | 000,052,224 | ---- | C] () -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2011.07.09 11:25:41 | 000,520,064 | ---- | C] () -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2011.07.09 11:25:37 | 000,233,344 | ---- | C] () -- C:\Windows\System32\drivers\msiscsi.sys
[2011.07.09 11:25:36 | 000,014,208 | ---- | C] () -- C:\Windows\System32\drivers\hwpolicy.sys
[2011.07.09 11:25:27 | 000,213,504 | ---- | C] () -- C:\Windows\System32\rdpdd.dll
[2011.07.09 11:24:59 | 000,183,808 | ---- | C] () -- C:\Windows\System32\drivers\rdpwd.sys
[2011.07.09 11:24:55 | 000,388,096 | ---- | C] () -- C:\Windows\System32\drivers\csc.sys
[2011.07.09 11:24:47 | 000,508,904 | ---- | C] () -- C:\Windows\System32\winload.exe
[2011.07.09 11:24:41 | 000,245,632 | ---- | C] () -- C:\Windows\System32\drivers\volsnap.sys
[2011.07.09 11:24:40 | 000,712,576 | ---- | C] () -- C:\Windows\System32\drivers\ndis.sys
[2011.07.09 11:24:39 | 000,240,000 | ---- | C] () -- C:\Windows\System32\drivers\netio.sys
[2011.07.09 11:24:35 | 000,513,536 | ---- | C] () -- C:\Windows\System32\drivers\http.sys
[2011.07.09 11:24:31 | 000,115,712 | ---- | C] () -- C:\Windows\System32\drivers\mrxdav.sys
[2011.07.09 11:24:29 | 000,164,864 | ---- | C] () -- C:\Windows\System32\drivers\1394ohci.sys
[2011.07.09 11:24:24 | 000,194,800 | ---- | C] () -- C:\Windows\System32\drivers\fvevol.sys
[2011.07.09 11:24:23 | 000,242,688 | ---- | C] () -- C:\Windows\System32\drivers\rdbss.sys
[2011.07.09 11:24:23 | 000,116,096 | ---- | C] () -- C:\Windows\System32\drivers\msdsm.sys
[2011.07.09 11:24:22 | 000,116,736 | ---- | C] () -- C:\Windows\System32\prncache.dll
[2011.07.09 11:24:20 | 000,690,680 | ---- | C] () -- C:\Windows\System32\ci.dll
[2011.07.09 11:24:19 | 000,175,360 | ---- | C] () -- C:\Windows\System32\drivers\vmbus.sys
[2011.07.09 11:24:19 | 000,153,984 | ---- | C] () -- C:\Windows\System32\drivers\pci.sys
[2011.07.09 11:24:12 | 000,053,120 | ---- | C] () -- C:\Windows\System32\drivers\termdd.sys
[2011.07.09 11:24:11 | 000,133,632 | ---- | C] () -- C:\Windows\System32\drivers\rdpdr.sys
[2011.07.09 11:24:11 | 000,085,376 | ---- | C] () -- C:\Windows\System32\drivers\sbp2port.sys
[2011.07.09 11:24:07 | 000,160,128 | ---- | C] () -- C:\Windows\System32\drivers\vhdmp.sys
[2011.07.09 11:24:06 | 000,028,032 | ---- | C] () -- C:\Windows\System32\drivers\msahci.sys
[2011.07.09 11:24:00 | 000,274,304 | ---- | C] () -- C:\Windows\System32\drivers\acpi.sys
[2011.07.09 11:23:59 | 000,246,784 | ---- | C] () -- C:\Windows\System32\drivers\udfs.sys
[2011.07.09 11:23:57 | 000,194,432 | ---- | C] () -- C:\Windows\System32\halmacpi.dll
[2011.07.09 11:23:57 | 000,194,432 | ---- | C] () -- C:\Windows\System32\hal.dll
[2011.07.09 11:23:55 | 000,035,968 | ---- | C] () -- C:\Windows\System32\drivers\winusb.sys
[2011.07.09 11:23:54 | 000,053,120 | ---- | C] () -- C:\Windows\System32\drivers\volmgr.sys
[2011.07.09 11:23:53 | 000,187,904 | ---- | C] () -- C:\Windows\System32\drivers\netbt.sys
[2011.07.09 11:23:53 | 000,056,192 | ---- | C] () -- C:\Windows\System32\drivers\partmgr.sys
[2011.07.09 11:23:49 | 000,132,992 | ---- | C] () -- C:\Windows\System32\drivers\ataport.sys
[2011.07.09 11:23:43 | 000,130,432 | ---- | C] () -- C:\Windows\System32\drivers\mpio.sys
[2011.07.09 11:23:42 | 000,078,208 | ---- | C] () -- C:\Windows\System32\drivers\mountmgr.sys
[2011.07.09 11:23:41 | 000,140,160 | ---- | C] () -- C:\Windows\System32\drivers\scsiport.sys
[2011.07.09 11:23:40 | 000,043,392 | ---- | C] () -- C:\Windows\System32\drivers\winhv.sys
[2011.07.09 11:23:39 | 000,040,704 | ---- | C] () -- C:\Windows\System32\drivers\vmstorfl.sys
[2011.07.09 11:23:37 | 000,028,032 | ---- | C] () -- C:\Windows\System32\drivers\storvsc.sys
[2011.07.09 11:23:35 | 000,173,440 | ---- | C] () -- C:\Windows\System32\drivers\rdyboost.sys
[2011.07.09 11:23:32 | 000,067,456 | ---- | C] () -- C:\Windows\System32\drivers\ksecdd.sys
[2011.07.09 11:23:25 | 000,190,976 | ---- | C] () -- C:\Windows\System32\drivers\ks.sys
[2011.07.09 11:23:17 | 000,137,088 | ---- | C] () -- C:\Windows\System32\halacpi.dll
[2011.07.09 11:23:17 | 000,055,808 | ---- | C] () -- C:\Windows\System32\drivers\hidclass.sys
[2011.07.09 11:23:09 | 000,074,752 | ---- | C] () -- C:\Windows\System32\drivers\tdx.sys
[2011.07.09 11:23:07 | 000,031,232 | ---- | C] () -- C:\Windows\System32\drivers\tssecsrv.sys
[2011.07.09 11:22:59 | 000,048,640 | ---- | C] () -- C:\Windows\System32\drivers\ndproxy.sys
[2011.07.09 11:22:38 | 000,117,760 | ---- | C] () -- C:\Windows\System32\drivers\rmcast.sys
[2011.07.09 11:22:31 | 000,080,768 | ---- | C] () -- C:\Windows\System32\drivers\USBAUDIO.sys
[2011.07.09 11:22:25 | 000,035,328 | ---- | C] () -- C:\Windows\System32\drivers\tcpipreg.sys
[2011.07.09 11:22:23 | 000,046,080 | ---- | C] () -- C:\Windows\System32\drivers\ndisuio.sys
[2011.07.09 11:22:18 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.07.09 11:22:13 | 000,021,504 | ---- | C] () -- C:\Windows\System32\drivers\tdi.sys
[2011.07.09 11:22:11 | 000,031,232 | ---- | C] () -- C:\Windows\System32\drivers\CompositeBus.sys
[2011.07.09 11:22:08 | 000,108,544 | ---- | C] () -- C:\Windows\System32\drivers\cdrom.sys
[2011.07.09 11:22:05 | 000,108,544 | ---- | C] () -- C:\Windows\System32\drivers\tunnel.sys
[2011.07.09 11:22:05 | 000,078,336 | ---- | C] () -- C:\Windows\System32\drivers\dfsc.sys
[2011.07.09 11:22:03 | 000,121,856 | ---- | C] () -- C:\Windows\System32\RDPENCDD.dll
[2011.07.09 11:22:00 | 000,010,240 | ---- | C] () -- C:\Windows\System32\drivers\acpipmi.sys
[2011.07.09 11:21:55 | 000,118,784 | ---- | C] () -- C:\Windows\System32\drivers\ndiswan.sys
[2011.07.09 11:21:53 | 000,050,176 | ---- | C] () -- C:\Windows\System32\drivers\appid.sys
[2011.07.09 11:21:53 | 000,024,064 | ---- | C] () -- C:\Windows\System32\drivers\hidusb.sys
[2011.07.09 11:21:53 | 000,017,920 | ---- | C] () -- C:\Windows\System32\drivers\VMBusHID.sys
[2011.07.09 11:21:52 | 000,132,224 | ---- | C] () -- C:\Windows\System32\drivers\WUDFRd.sys
[2011.07.09 11:21:50 | 000,065,536 | ---- | C] () -- C:\Windows\System32\drivers\IPMIDrv.sys
[2011.07.09 11:21:49 | 000,027,648 | ---- | C] () -- C:\Windows\System32\drivers\usbser.sys
[2011.07.09 11:21:48 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\kbdhid.sys
[2011.07.09 11:21:47 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\tdtcp.sys
[2011.07.09 11:21:46 | 000,304,128 | ---- | C] () -- C:\Windows\System32\drivers\HdAudio.sys
[2011.07.09 11:21:46 | 000,063,488 | ---- | C] () -- C:\Windows\System32\drivers\wanarp.sys
[2011.07.09 11:21:46 | 000,039,936 | ---- | C] () -- C:\Windows\System32\drivers\umbus.sys
[2011.07.09 11:21:46 | 000,018,432 | ---- | C] () -- C:\Windows\System32\drivers\tdpipe.sys
[2011.07.09 11:21:45 | 000,108,544 | ---- | C] () -- C:\Windows\System32\drivers\hdaudbus.sys
[2011.07.09 11:21:45 | 000,092,672 | ---- | C] () -- C:\Windows\System32\drivers\WUDFPf.sys
[2011.07.09 11:21:45 | 000,026,624 | ---- | C] () -- C:\Windows\System32\drivers\scfilter.sys
[2011.07.09 11:21:45 | 000,026,624 | ---- | C] () -- C:\Windows\System32\RDPREFDD.dll
[2011.07.09 11:21:45 | 000,012,800 | ---- | C] () -- C:\Windows\System32\drivers\sffp_sd.sys
[2011.07.09 11:21:45 | 000,006,656 | ---- | C] () -- C:\Windows\System32\drivers\RDPCDD.sys
[2011.07.09 11:21:41 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDUS.DLL
[2011.07.09 11:21:41 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDUGHR1.DLL
[2011.07.09 11:21:41 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDTURME.DLL
[2011.07.09 11:21:41 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDTAJIK.DLL
[2011.07.09 11:21:41 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDMON.DLL
[2011.07.09 11:21:41 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDMAORI.DLL
[2011.07.09 11:21:41 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDLT1.DLL
[2011.07.09 11:21:41 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDINTEL.DLL
[2011.07.09 11:21:41 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDINORI.DLL
[2011.07.09 11:21:41 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDINKAN.DLL
[2011.07.09 11:21:41 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDBULG.DLL
[2011.07.09 11:21:41 | 000,005,632 | ---- | C] () -- C:\Windows\System32\KBDGEO.DLL
[2011.07.09 11:21:40 | 000,006,656 | ---- | C] () -- C:\Windows\System32\KBDSF.DLL
[2011.07.09 11:21:40 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDBLR.DLL
[2011.07.09 11:21:40 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDBASH.DLL
[2011.07.09 11:21:39 | 000,007,168 | ---- | C] () -- C:\Windows\System32\kbdlk41a.dll
[2011.07.09 11:21:39 | 000,006,656 | ---- | C] () -- C:\Windows\System32\KBDTUQ.DLL
[2011.07.09 11:21:39 | 000,006,656 | ---- | C] () -- C:\Windows\System32\KBDNEPR.DLL
[2011.07.09 11:21:39 | 000,006,656 | ---- | C] () -- C:\Windows\System32\KBDINBEN.DLL
[2011.07.09 11:21:39 | 000,006,656 | ---- | C] () -- C:\Windows\System32\KBDGR1.DLL
[2011.07.09 11:21:39 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDINTAM.DLL
[2011.07.09 11:21:39 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDINMAR.DLL
[2011.07.09 11:21:39 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDINHIN.DLL
[2011.07.09 11:21:38 | 000,007,168 | ---- | C] () -- C:\Windows\System32\KBDSG.DLL
[2011.07.09 11:21:38 | 000,006,656 | ---- | C] () -- C:\Windows\System32\KBDTUF.DLL
[2011.07.09 11:21:38 | 000,006,656 | ---- | C] () -- C:\Windows\System32\KBDPO.DLL
[2011.07.09 11:21:38 | 000,006,656 | ---- | C] () -- C:\Windows\System32\KBDGKL.DLL
[2011.07.09 11:21:37 | 000,007,168 | ---- | C] () -- C:\Windows\System32\KBDCZ1.DLL
[2011.07.09 11:21:37 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\vms3cap.sys
[2011.07.05 18:29:21 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.07.05 18:29:21 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.06.25 10:42:00 | 000,001,456 | -HS- | C] () -- C:\Users\Tamy\AppData\Local\ur2680m52fvj88y4fbbmyng1vxw5klf6y6k65w8r64uanvj
[2011.06.25 10:42:00 | 000,001,456 | -HS- | C] () -- C:\ProgramData\ur2680m52fvj88y4fbbmyng1vxw5klf6y6k65w8r64uanvj
[2011.06.17 20:16:24 | 000,311,808 | ---- | C] () -- C:\Windows\System32\drivers\srv.sys
[2011.06.17 20:16:24 | 000,310,272 | ---- | C] () -- C:\Windows\System32\drivers\srv2.sys
[2011.06.17 20:16:24 | 000,114,688 | ---- | C] () -- C:\Windows\System32\drivers\srvnet.sys
[2011.06.17 20:16:12 | 000,338,944 | ---- | C] () -- C:\Windows\System32\drivers\afd.sys
[2011.06.17 20:16:12 | 000,187,776 | ---- | C] () -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011.06.17 20:15:54 | 000,123,904 | ---- | C] () -- C:\Windows\System32\drivers\mrxsmb.sys
[2011.06.17 20:15:54 | 000,096,768 | ---- | C] () -- C:\Windows\System32\drivers\mrxsmb20.sys
[2011.05.25 16:02:14 | 000,027,008 | ---- | C] () -- C:\Windows\System32\drivers\Diskdump.sys
[2011.05.21 21:31:43 | 000,000,075 | RHS- | C] () -- C:\Windows\ICMET20.BIN
[2011.05.21 20:43:38 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2011.05.21 20:42:42 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.05.11 15:08:56 | 000,284,672 | ---- | C] () -- C:\Windows\System32\drivers\usbport.sys
[2011.05.11 15:08:56 | 000,258,560 | ---- | C] () -- C:\Windows\System32\drivers\usbhub.sys
[2011.05.11 15:08:56 | 000,043,008 | ---- | C] () -- C:\Windows\System32\drivers\usbehci.sys
[2011.05.11 15:08:55 | 000,075,776 | ---- | C] () -- C:\Windows\System32\drivers\usbccgp.sys
[2011.05.11 15:08:55 | 000,024,064 | ---- | C] () -- C:\Windows\System32\drivers\usbuhci.sys
[2011.05.11 15:08:55 | 000,020,480 | ---- | C] () -- C:\Windows\System32\drivers\usbohci.sys
[2011.05.11 15:08:55 | 000,005,888 | ---- | C] () -- C:\Windows\System32\drivers\usbd.sys
[2011.05.10 08:06:14 | 000,018,432 | ---- | C] () -- C:\Windows\System32\drivers\netaapl.sys
[2011.04.27 19:01:40 | 001,211,264 | ---- | C] () -- C:\Windows\System32\drivers\ntfs.sys
[2011.04.27 19:01:40 | 000,143,744 | ---- | C] () -- C:\Windows\System32\drivers\nvstor.sys
[2011.04.27 19:01:39 | 000,117,120 | ---- | C] () -- C:\Windows\System32\drivers\nvraid.sys
[2011.04.27 19:01:39 | 000,080,256 | ---- | C] () -- C:\Windows\System32\drivers\amdsata.sys
[2011.04.27 19:01:38 | 000,332,160 | ---- | C] () -- C:\Windows\System32\drivers\iaStorV.sys
[2011.04.27 19:01:38 | 000,148,864 | ---- | C] () -- C:\Windows\System32\drivers\storport.sys
[2011.04.27 19:01:38 | 000,022,400 | ---- | C] () -- C:\Windows\System32\drivers\amdxata.sys
[2011.04.27 19:01:37 | 000,076,288 | ---- | C] () -- C:\Windows\System32\drivers\USBSTOR.SYS
[2011.04.13 20:26:43 | 000,294,912 | ---- | C] () -- C:\Windows\System32\atmfd.dll
[2011.04.13 20:26:09 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\bowser.sys
[2011.03.05 12:33:56 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.02.09 15:35:19 | 000,728,448 | ---- | C] () -- C:\Windows\System32\drivers\dxgkrnl.sys
[2011.02.09 15:35:18 | 000,219,008 | ---- | C] () -- C:\Windows\System32\drivers\dxgmms1.sys
[2011.02.09 15:35:18 | 000,107,520 | ---- | C] () -- C:\Windows\System32\cdd.dll
[2011.02.04 23:14:37 | 000,018,688 | ---- | C] () -- C:\Windows\System32\drivers\afc.sys
[2010.09.11 16:59:23 | 000,075,776 | ---- | C] () -- C:\Windows\System32\drivers\ser2pl.sys
[2010.08.06 06:56:40 | 000,157,514 | ---- | C] () -- C:\Users\Tamy\FunPhotoBox052354qqycfv.jpg
[2010.07.20 16:57:39 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Keyboard Layouts
[2010.07.20 16:57:39 | 000,000,268 | RH-- | C] () -- C:\Users\Tamy\AppData\Roaming\Jazz
[2010.07.20 16:57:38 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Limiter
[2010.07.20 16:57:37 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010.07.20 16:53:36 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Jingles
[2010.07.20 16:53:36 | 000,000,268 | RH-- | C] () -- C:\Users\Tamy\AppData\Roaming\Internet Services
[2010.07.20 16:53:36 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010.07.20 16:53:36 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Legacy
[2010.01.05 19:18:29 | 000,000,156 | ---- | C] () -- C:\Users\Tamy\AppData\Roaming\default.rss
[2009.12.31 18:17:34 | 000,007,655 | ---- | C] () -- C:\Users\Tamy\AppData\Local\Resmon.ResmonCfg
[2009.11.17 21:18:15 | 000,081,920 | ---- | C] () -- C:\Users\Tamy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 108 bytes -> C:\Windows:

< End of report >
         
--- --- ---
And here is the second log:
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 08.08.2012 14:49:42 - Run 1
OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\Tamy\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.40% Memory free
4.00 Gb Paging File | 3.08 Gb Available in Paging File | 77.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 228.14 Gb Total Space | 10.17 Gb Free Space | 4.46% Space Free | Partition Type: NTFS
Drive J: | 963.70 Mb Total Space | 859.83 Mb Free Space | 89.22% Space Free | Partition Type: FAT
 
Computer Name: OGOZ | User Name: Tamy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 3.Manage] -- "C:\Program Files\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "%1" (ACD Systems International Inc.)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\Weltbild\Weltbild Fotoservice\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotoschau] -- "C:\Program Files\Pixum\Pixum EasyBook\Fotoschau.exe" -d "%1" ()
Directory [locate] -- C:\Program Files\Locate\Locate32.exe /p "%1" ()
Directory [open] -- "C:\Program Files\zabkat\xplorer2\xplorer2_uc.exe" /M "%1" (ZabKat)
Directory [Pixum EasyBook] -- "C:\Program Files\Pixum\Pixum EasyBook\Pixum EasyBook.exe" "%1" ()
Directory [Pixum Fotobuch] -- "C:\Program Files\Pixum\Pixum EasyBook\Pixum Fotobuch.exe" "%1" ()
Directory [Weltbild Fotoservice] -- "C:\Program Files\Weltbild\Weltbild Fotoservice\Weltbild Fotoservice.exe" "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{23F19108-9505-4D3A-8443-E8A07224DAB1}" = lport=5004 | protocol=17 | dir=in | name=remote control | 
"{26F4CE03-4B00-446B-85D1-6DD48C1FF1D7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{29A1F158-F8AF-40F6-AE97-F62305EDF95C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{31B49560-8C7F-40EF-B2B4-ECEC33A6DFE9}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{344F3A66-7F50-4623-8DF7-28CE929B8A37}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra profi business 2011b\wnt500x86\rpcsandrasrv.exe | 
"{3BABA60F-F522-4CB0-81F6-2EE3DB4B430E}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{3E780B7B-3D21-45F3-AD68-1C4B7B165BC3}" = lport=137 | protocol=17 | dir=in | app=system | 
"{3FC99385-B2D9-44C3-AEA4-E9FF324190DC}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{40EDDB43-EAC1-438A-9C01-DC5A26A56A80}" = lport=445 | protocol=6 | dir=in | app=system | 
"{4838E88A-E310-405A-A60F-164FC45321FE}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{4D079480-EB89-4E73-8C83-864724CF1441}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{61914EA0-F915-4B35-A87E-36A9DF8CB6EF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{64E3735A-00B2-414E-94B8-220D940C4717}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{682B4C57-0C2E-428E-ACE6-4AA40C54E946}" = rport=138 | protocol=17 | dir=out | app=system | 
"{6996B402-51BA-4C68-86EF-44EBF75D11CF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6E24489A-66C9-4E6E-BA63-EFC9A0967F0A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{73BD5AA0-D61D-4BA6-979C-F7E3DE96702C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7DFC5186-D305-4FE0-A4D0-61FEAC602314}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{8DD3EA41-795A-4691-9D0A-8334DDD62511}" = lport=14675 | protocol=17 | dir=in | name=remote control | 
"{951A39FF-5C3E-457B-A592-5DF7BE58AA66}" = rport=139 | protocol=6 | dir=out | app=system | 
"{97F70DA3-18BB-4E15-A62B-DB7BBF5498EA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9881DAE1-A31D-43D2-B2B9-7540FAD61793}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9B78FE49-E7F7-46C1-B6C0-BF17AB55C4F6}" = rport=445 | protocol=6 | dir=out | app=system | 
"{9E7A903C-2B80-44FF-B814-0D68D1CBDD93}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AB8BED2F-FB32-43BD-860D-E8658C659671}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B3B4CD28-AA0F-41C4-B9F8-1E9FBC76D4B0}" = lport=35722 | protocol=6 | dir=in | name=photosync | 
"{CC75D6DB-F1D9-4035-91F5-C3B924CBF265}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E588621E-9ADF-4925-81E5-5577EEA43657}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F1A83A0F-6C47-4D66-A128-95C63222EF8B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{F31521A5-5686-4DBE-8E44-B75987A00BAB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0253EEBF-E16B-4F5D-BE53-0BFB66F2102C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{04C4C515-9CA3-403A-90B5-AB400D22E99A}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{1EAFA56B-7983-4FC7-852F-93CFEAC778C9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{21161CEB-B930-4C9B-9730-E07B33E48A56}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{2191FADA-7D82-468F-90F9-7D2E6C7BE6B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{394736AA-64D6-42F2-94DC-61EE6F05984C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{3A918C1B-70A4-4F10-AB26-9C8183344163}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{3E899A74-4B69-4C8A-8A3A-7D78A8B6DDDE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{486EE266-0B57-4695-9018-63CF9D5486A9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4BB1B55F-D9BE-4EB9-8C85-5CD54F9DCBC0}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{5DB25B21-7B0F-47F3-878E-E44EFA24F624}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6C43A14D-8A45-4D78-AA1A-AACE23D470D6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{70223417-AB9C-41F9-8883-A6A163979E7C}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{75243E98-6EC3-4A57-A07B-9A0935EE856A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{77E156B4-9C8F-4517-9028-33459C98BF82}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{80C2A4C2-716C-4E9A-BE42-67D45747B505}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{82076122-8F6F-49AD-9DB4-6CC2F78F8F6A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{8403957C-7721-498E-B3E4-EAABCA9314D4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{892E941C-C1B3-4397-A160-BA74D273F987}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | 
"{8BF97292-9A99-46B3-BEDD-6FC0FA1D6960}" = protocol=6 | dir=out | app=system | 
"{8CFB5582-BBC7-4AD6-B6DD-23BBFAC7C69F}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{9477FF81-1756-4F7A-A726-9FEB259E7A97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9958FD9D-4133-49A7-B530-A42CCD0FDA98}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{9B6F752D-A8CC-49E4-ADE0-A04C65FC6646}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{A9692A7C-C8C5-46AD-AFE1-E710E427F937}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B900A311-569E-4C67-89E7-7C49E235CCB7}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{BECB85EC-B8CE-4E20-93E1-D43F4AA97A7E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C5A85F82-3B16-496F-BB49-7DE0AC114C17}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{CC3642F9-F241-4AEC-A52D-F6D35E48DDDD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D27543A5-57FE-4F6F-AC27-4F27D5CBD2B2}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{D2B43D30-301F-4A46-B85B-2A367D50D217}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{E66F8EF5-EF33-4BC5-912B-A673B0946A63}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{FEC8E02E-68CB-4ACE-9012-1CD47F2D7A89}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"TCP Query User{0AE40E32-C282-40C3-BBAA-610B91277D1C}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{56E0040E-CE0E-41DF-9967-500414EA6563}C:\program files\freecom remote control\remote control.exe" = protocol=6 | dir=in | app=c:\program files\freecom remote control\remote control.exe | 
"TCP Query User{90B955B1-0054-42B8-A518-25507C599D89}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
"TCP Query User{9F706D9E-942F-4A02-B651-4390A6331C99}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{C66CE7A8-FA4F-44A6-99F8-9554D7214A24}C:\program files\freecom remote control\remote control.exe" = protocol=6 | dir=in | app=c:\program files\freecom remote control\remote control.exe | 
"TCP Query User{C81B595C-EFC9-49D2-B847-95D40BB3C5D1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{DD961B97-2719-4DD6-9112-AAD3742CA5E1}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{EABC5F91-88B3-4241-AACA-E9068072252F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{06D01EB5-B146-4AE4-9940-FB283F1371B2}C:\program files\freecom remote control\remote control.exe" = protocol=17 | dir=in | app=c:\program files\freecom remote control\remote control.exe | 
"UDP Query User{31E1A048-E1D7-4F70-8054-236FE283C2A9}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{733C673B-2313-4A03-844E-1C74F0927FBB}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{B198273D-D560-4CD1-B733-EC89DD0A5D7F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{D1711F58-2DD6-4366-A9AA-F43DFBEEDF39}C:\program files\freecom remote control\remote control.exe" = protocol=17 | dir=in | app=c:\program files\freecom remote control\remote control.exe | 
"UDP Query User{D8F05B66-2172-42CF-8737-2DD8EE96A109}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
"UDP Query User{E0F17819-89DD-4C7F-A97C-3580973A97C1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{F1DEDB3A-BDBE-4691-B89C-F0C0936F2F8C}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02627EE5-EACA-4742-A9CC-E687631773E4}" = Nero ShowTime
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{063E409E-3D7C-4A4A-95AB-2F124B9224B3}" = ArcSoft PhotoImpression 6
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{086A7D8C-0A38-4C7F-819A-620275550D5C}" = Nero Burning ROM Help
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX850_series" = Canon MX850 series
"{1B280FAF-AE10-4E31-A41A-DB3917D651DC}" = ACDSee Pro 3
"{1C00C7C5-E615-4139-B817-7F4003DE68C0}" = Nero PhotoSnap Help
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 20
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3A76FE7E-4515-43C8-8BEB-FB550B04D2FA}" = PhotoSync
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}" = Microsoft Research AutoCollage 2008 version 1.1
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4822DF0D-087B-435C-843D-ADAB239CCA13}_is1" = Boilsoft Video Converter 3.01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4FFD1AB4-54F0-4069-88D9-3A55B38F874B}" = Nokia Ovi Suite Software Updater
"{54830C72-C607-4DA5-B7E3-22297BF3ED8A}" = HBS Zweirad
"{56ABA277-EE53-4478-A607-FA42208FF5A9}" = Menu Templates - Pack 1
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57250E78-F6E2-4DCE-9A84-50B28A70AB84}" = Menu Templates - Pack 3
"{580EC579-E476-469F-9EBF-F82D696FC67A}" = iClone SE
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5A9AA2C0-972F-4239-AA41-E409434194D5}" = MobileMe Control Panel
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}" = Nero Vision Help
"{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help
"{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B566EFE-DC1D-471F-93DD-84832663F140}" = OVT Scanner X86
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77E33D87-255E-413E-9C8D-EED2A7F9BEBF}" = Nero Live Help
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79635DC5-3224-4971-ABFD-A0B0AC7365C9}" = GT31 Updater
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{846D9AAD-EA7D-4126-9177-F874FD389BE4}" = Microsoft FxCop 1.35
"{85243696-5E58-4357-9CF8-3498C609941D}" = NeroLiveGadget Help
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98A67610-A3B5-4098-A423-3708040026D3}" = "Nero SoundTrax Help
"{9AB8E6CE-CE6D-43A0-B54E-422425524FF9}" = Menu Templates - Pack 2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{9E9FDDE6-2C26-492A-85A0-05646B3F2795}" = NeroLiveGadget
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A7C37178-5F4E-4101-9B89-ED55C8EFF3D8}" = HBS Rollo
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92B6797-9C07-4E25-AD96-29087D3A2AC2}" = TouchCopy 09
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ACC39E77-3C8C-49EA-9492-A1A221C9BBF8}" = NAVILINK II
"{AD6BC5CC-2EF0-49C4-B33D-CDC8B2C4DC80}" = Nero Recode Help
"{ADB1982A-E647-476E-842E-E431780613A3}" = ActiSmile Vista
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B400A641-5F10-4E10-BD40-C1C7F91A4A94}" = FBP - Facebook Blaster Pro
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C5E125E0-834B-4209-8C1C-F99A02FC11FC}" = ERGO KONZEPT II
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{ca0a04bc-e2d4-4c1b-afc4-ae6d12806704}" = Nero 9
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D3AE96EE-2876-4B3F-847C-D3A4AD689E43}" = LogMeIn
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DA2C4761-DFB8-4D9D-A5D5-F10A7D5BD8F8}" = Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite
"{DF6A95F5-ADC1-406A-BDC6-2AA7CC0182AA}" = Nero Live
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F425DD1D-0097-41C3-B545-B79E3D51100E}" = Movie Templates - Pack 1
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD
"2DC0AA065FA83047D7ECD51C7000C1620D79A4C5" = Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16)
"4095-7861-2728-4611" = Private Tax 2011 1.4
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (03/08/2007 2.2.1.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"51A4D522DD31538335EF5736F0E7F588C70BCB12" = Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"Belcolor Design-Center-ADP-DE_is1" = Belcolor Design-Center-ADP-DE
"Canon MX850 series Benutzerregistrierung" = Canon MX850 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Windows-Treiberpaket - MobileTop (sshpmdm) Modem  (01/26/2008 2.6.0.0)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Fotopick Design-Center-ADP-DE_is1" = Fotopick Design-Center-ADP-DE
"Foxit Reader_is1" = Foxit Reader 5.1
"Free Audio Converter_is1" = Free Audio Converter version 5.0.4.1228
"Freecom Remote Control_is1" = Freecom Remote Control 1.02
"FreePDF_XP" = FreePDF (Remove only)
"Google Desktop" = Google Desktop
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"GPL Ghostscript 8.71" = GPL Ghostscript 8.71
"IncrediMail" = IncrediMail Xe
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KETTLER_KONZEPT2_is1" = ERGO KONZEPT II Update 2.6
"Locate" = Locate32
"MAGIX Fotobuch" = MAGIX Fotobuch 3.2
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"MAGIX PC Visit D" = MAGIX PC Visit
"MAGIX Video deluxe 2008 PLUS D" = MAGIX Video deluxe 2008 PLUS 7.5.0.20 (D)
"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6 6.0.22.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MP Navigator EX 1.1" = Canon MP Navigator EX 1.1
"Mp3tag" = Mp3tag v2.49b
"Nokia Ovi Suite" = Nokia Ovi Suite
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OVT Scanner" = Uninstall OVT Scanner
"Picasa 3" = Picasa 3
"Pixum EasyBook" = Pixum EasyBook
"Pixum Fotobuch" = Pixum Fotobuch
"Private Tax 2009" = Private Tax 2009
"Private Tax 2010" = Private Tax 2010
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"Quit Counter_is1" = Quit Counter
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"SMS Mailer Outlook" = SMS Mailer Outlook
"Streamripper" = Streamripper (Remove only)
"TAPIEx.Net Component v1.1.23_is1" = TAPIEx.Net Component v1.1.23 for Windows 2K/XP/2003/VISTA/2008/
"TBarCode5" = TBarCode5 ActiveX Uninstall

"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Visual CertExam Suite_is1" = Visual CertExam Suite 1.9
"Weltbild Fotoservice" = Weltbild Fotoservice
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xilisoft DVD Ripper Platinum 5" = Xilisoft DVD Ripper Platinum 5
"xplorer2p" = xplorer² professional 32 bit
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = Nur Entfernen der CopyTrans Suite möglich
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.08.2012 07:51:14 | Computer Name = Ogoz | Source = Avira AntiVir | ID = 4112
Description = Bei der Anforderung nach einer Resource des Betriebssystems trat ein
 Fehler auf.  Die Resource 'avgntflt' wurde nicht zugewiesen.  Der Grund hierfür könnte
 zu wenig Hauptspeicher oder ein anderer Systemfehler sein.  Fehlercode: 0xffffffff
 
Error - 08.08.2012 07:52:07 | Computer Name = Ogoz | Source = Avira AntiVir | ID = 4112
Description = Bei der Anforderung nach einer Resource des Betriebssystems trat ein
 Fehler auf.  Die Resource 'avgntflt' wurde nicht zugewiesen.  Der Grund hierfür könnte
 zu wenig Hauptspeicher oder ein anderer Systemfehler sein.  Fehlercode: 0xffffffff
 
Error - 08.08.2012 07:54:09 | Computer Name = Ogoz | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: syshost.exe, Version: 1.3.0.12741,
 Zeitstempel: 0x50222e5a  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00b2004e  ID des fehlerhaften
 Prozesses: 0x934  Startzeit der fehlerhaften Anwendung: 0x01cd755c7b338338  Pfad der
 fehlerhaften Anwendung: C:\Windows\Installer\{AE2851AF-9A95-D68E-F917-AF4AD7C292F2}\syshost.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: c2961158-e14f-11e1-ac75-001372cd23be
 
Error - 08.08.2012 07:55:55 | Computer Name = Ogoz | Source = Avira AntiVir | ID = 4112
Description = Bei der Anforderung nach einer Resource des Betriebssystems trat ein
 Fehler auf.  Die Resource 'avgntflt' wurde nicht zugewiesen.  Der Grund hierfür könnte
 zu wenig Hauptspeicher oder ein anderer Systemfehler sein.  Fehlercode: 0xffffffff
 
Error - 08.08.2012 08:08:21 | Computer Name = Ogoz | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: syshost.exe, Version: 1.3.0.12741,
 Zeitstempel: 0x50222e5a  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00ba004e  ID des fehlerhaften
 Prozesses: 0x934  Startzeit der fehlerhaften Anwendung: 0x01cd755e77495672  Pfad der
 fehlerhaften Anwendung: C:\Windows\Installer\{AE2851AF-9A95-D68E-F917-AF4AD7C292F2}\syshost.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: be9ffd85-e151-11e1-b37a-001372cd23be
 
Error - 08.08.2012 08:10:01 | Computer Name = Ogoz | Source = Avira AntiVir | ID = 4112
Description = Bei der Anforderung nach einer Resource des Betriebssystems trat ein
 Fehler auf.  Die Resource 'avgntflt' wurde nicht zugewiesen.  Der Grund hierfür könnte
 zu wenig Hauptspeicher oder ein anderer Systemfehler sein.  Fehlercode: 0xffffffff
 
Error - 08.08.2012 08:33:44 | Computer Name = Ogoz | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,
 Zeitstempel: 0x4a5bccbc  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,
 Zeitstempel: 0x4e2111c0  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x0000d36f  ID des fehlerhaften
 Prozesses: 0x9ec  Startzeit der fehlerhaften Anwendung: 0x01cd75620c2ef8c7  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad 
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 4a2ed3d1-e155-11e1-b37a-001372cd23be
 
Error - 08.08.2012 08:33:44 | Computer Name = Ogoz | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,
 Zeitstempel: 0x4a5bccbc  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,
 Zeitstempel: 0x4e2111c0  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x0000d36f  ID des fehlerhaften
 Prozesses: 0x840  Startzeit der fehlerhaften Anwendung: 0x01cd75620c1e4f25  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad 
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 4a313531-e155-11e1-b37a-001372cd23be
 
Error - 08.08.2012 08:33:45 | Computer Name = Ogoz | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,
 Zeitstempel: 0x4a5bccbc  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,
 Zeitstempel: 0x4e2111c0  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x0000d36f  ID des fehlerhaften
 Prozesses: 0x3cc  Startzeit der fehlerhaften Anwendung: 0x01cd75620d4eff48  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad 
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 4b15b94b-e155-11e1-b37a-001372cd23be
 
Error - 08.08.2012 08:34:00 | Computer Name = Ogoz | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,
 Zeitstempel: 0x4a5bccbc  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,
 Zeitstempel: 0x4e2111c0  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x0000d36f  ID des fehlerhaften
 Prozesses: 0xb28  Startzeit der fehlerhaften Anwendung: 0x01cd75621616124b  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad 
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 53d8098d-e155-11e1-b37a-001372cd23be
 
[ Media Center Events ]
Error - 23.12.2009 10:25:58 | Computer Name = Ogoz | Source = MCUpdate | ID = 0
Description = 15:25:56 - Broadband konnte nicht abgerufen werden (Fehler: Die Verbindung
 mit dem Remoteserver kann nicht hergestellt werden.)  
 
Error - 24.12.2009 05:27:28 | Computer Name = Ogoz | Source = MCUpdate | ID = 0
Description = 10:27:18 - EpgListings konnte nicht abgerufen werden (Fehler: Die 
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)  
 
Error - 29.12.2009 07:18:21 | Computer Name = Ogoz | Source = MCUpdate | ID = 0
Description = 12:18:18 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die 
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)  
 
Error - 30.12.2009 11:54:08 | Computer Name = Ogoz | Source = MCUpdate | ID = 0
Description = 16:54:08 - Fehler beim Herstellen der Internetverbindung.  16:54:08 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.12.2009 11:54:23 | Computer Name = Ogoz | Source = MCUpdate | ID = 0
Description = 16:54:13 - Fehler beim Herstellen der Internetverbindung.  16:54:13 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.12.2009 13:08:29 | Computer Name = Ogoz | Source = MCUpdate | ID = 0
Description = 18:08:28 - Fehler beim Herstellen der Internetverbindung.  18:08:29 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.12.2009 13:08:42 | Computer Name = Ogoz | Source = MCUpdate | ID = 0
Description = 18:08:34 - Fehler beim Herstellen der Internetverbindung.  18:08:34 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 10.01.2010 09:41:20 | Computer Name = Ogoz | Source = MCUpdate | ID = 0
Description = 14:41:18 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
 liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
 keine Vertrauensstellung hergestellt werden..)  
 
Error - 10.01.2010 09:42:14 | Computer Name = Ogoz | Source = MCUpdate | ID = 0
Description = 14:42:08 - EpgListings konnte nicht abgerufen werden (Fehler: Die 
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)  
 
Error - 10.01.2010 09:43:24 | Computer Name = Ogoz | Source = MCUpdate | ID = 0
Description = 14:43:22 - Broadband konnte nicht abgerufen werden (Fehler: Die Verbindung
 mit dem Remoteserver kann nicht hergestellt werden.)  
 
[ System Events ]
Error - 08.08.2012 08:12:01 | Computer Name = Ogoz | Source = WMPNetworkSvc | ID = 866291
Description = 
 
Error - 08.08.2012 08:12:01 | Computer Name = Ogoz | Source = WMPNetworkSvc | ID = 866316
Description = 
 
Error - 08.08.2012 08:12:01 | Computer Name = Ogoz | Source = WMPNetworkSvc | ID = 866291
Description = 
 
Error - 08.08.2012 08:12:01 | Computer Name = Ogoz | Source = WMPNetworkSvc | ID = 866316
Description = 
 
Error - 08.08.2012 08:12:01 | Computer Name = Ogoz | Source = WMPNetworkSvc | ID = 866291
Description = 
 
Error - 08.08.2012 08:12:01 | Computer Name = Ogoz | Source = WMPNetworkSvc | ID = 866316
Description = 
 
Error - 08.08.2012 08:33:43 | Computer Name = Ogoz | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058
 
Error - 08.08.2012 08:50:25 | Computer Name = Ogoz | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows-Audio" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 08.08.2012 08:50:25 | Computer Name = Ogoz | Source = Service Control Manager | ID = 7031
Description = Der Dienst "DHCP-Client" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 08.08.2012 08:50:25 | Computer Name = Ogoz | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows-Ereignisprotokoll" wurde unerwartet beendet. Dies
 ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
 
< End of report >
         
08.08.2012, 16:06   #2
t'john
/// Helper team

Fix with OTL

Download OTL by OldTimer (if you do not have it yet) and save it to your desktop (nowhere else).

  • Disable any virus scanners such as Avira, Kaspersky etc.
  • Start OTL.exe.
    Vista and Windows 7 users right-click the program icon and choose "Run as administrator".
  • Copy the following script into the text field below Custom Scans/Fixes:


Code:
:OTL
DRV - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Profi Business 2011b\WNt500x86\Sandra.sys File not found 
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found 
DRV - (2a398259849a3d2b) -- C:\Windows\System32\drivers\2a398259849a3d2b.sys () 
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie 
IE - HKCU\..\SearchScopes,DefaultScope = {DA811823-1447-45ED-8C46-2E445437545A} 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC 
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=U66n3_68v5dXXGPEP3-mUQI8NMQ?q={searchTerms} 
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 
IE - HKCU\..\SearchScopes\{DA811823-1447-45ED-8C46-2E445437545A}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7GGLD_de 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. 
O4 - HKCU..\Run: [] File not found 
O4 - Startup: C:\Users\Tamy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explorer.lnk = File not found 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] 
[2012.08.08 14:47:03 | 003,564,584 | ---- | C] (Sysinternals) -- C:\Users\Tamy\Desktop\procexp.exe 
 
[2011.06.25 10:42:00 | 000,001,456 | -HS- | C] () -- C:\ProgramData\ur2680m52fvj88y4fbbmyng1vxw5klf6y6k65w8r64uanvj 

@Alternate Data Stream - 108 bytes -> C:\Windows: 
[2012.08.08 13:59:11 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job 
[2012.07.11 22:14:34 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job 
[2012.08.08 11:23:09 | 000,069,120 | ---- | M] () -- C:\Windows\System32\drivers\2a398259849a3d2b.sys 
 
[2011.06.25 10:42:00 | 000,001,456 | -HS- | C] () -- C:\Users\Tamy\AppData\Local\ur2680m52fvj88y4fbbmyng1vxw5klf6y6k65w8r64uanvj 
 
:Files


ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
         
  • Close all programs.
  • Click the Fix button.
  • If OTL asks for a reboot, please allow it.
  • Copy the contents of the log file into your thread here, inside code tags.
    You can view the log file afterwards here => C:\_OTL\MovedFiles\<datum_nummer.log>

Note for readers: The OTL script above was created exclusively for this user in this situation.
Do not under any circumstances apply it on other computers; it can cause lasting damage to other systems!
__________________

09.08.2012, 07:43   #3
Hellvetica

Many thanks for the super fast reply.
I ran the fix, and it seems to work.


Here is the log file

Code:
All processes killed
========== OTL ==========
Service SANDRA stopped successfully!
Service SANDRA deleted successfully!
File  C:\Program Files\SiSoftware\SiSoftware Sandra Profi Business 2011b\WNt500x86\Sandra.sys File not found not found.
Service Lavasoft Kernexplorer stopped successfully!
Service Lavasoft Kernexplorer deleted successfully!
File  C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found not found.
Error: No service named 2a398259849a3d2b was found to stop!
Service\Driver key 2a398259849a3d2b not found.
File  C:\Windows\System32\drivers\2a398259849a3d2b.sys  not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DA811823-1447-45ED-8C46-2E445437545A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA811823-1447-45ED-8C46-2E445437545A}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\Users\Tamy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explorer.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xel exportieren\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
C:\Users\Tamy\Desktop\procexp.exe moved successfully.
C:\ProgramData\ur2680m52fvj88y4fbbmyng1vxw5klf6y6k65w8r64uanvj moved successfully.
Unable to delete ADS C:\Windows: .
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
File C:\Windows\System32\drivers\2a398259849a3d2b.sys not found.
C:\Users\Tamy\AppData\Local\ur2680m52fvj88y4fbbmyng1vxw5klf6y6k65w8r64uanvj moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Tamy\Desktop\cmd.bat deleted successfully.
C:\Users\Tamy\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Admin
->Temp folder emptied: 39387 bytes
->Temporary Internet Files folder emptied: 8204422 bytes
 
User: Administrator
->Temp folder emptied: 7840626 bytes
->Temporary Internet Files folder emptied: 4788976 bytes
->Flash cache emptied: 1423 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Freigabe
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LogMeInRemoteUser.Ogoz
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
 
User: Public
 
User: Tamy
->Temp folder emptied: 212 bytes
->Temporary Internet Files folder emptied: 660253138 bytes
->Java cache emptied: 1550848 bytes
->Apple Safari cache emptied: 138404864 bytes
->Flash cache emptied: 72443 bytes
 
User: Tamy2
->Flash cache emptied: 56958 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2810466 bytes
RecycleBin emptied: 817473 bytes
 
Total Files Cleaned = 787.00 mb
 
 
[EMPTYFLASH]
 
User: Admin
 
User: Administrator
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Freigabe
 
User: LogMeInRemoteUser
 
User: LogMeInRemoteUser.Ogoz
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Tamy
->Flash cache emptied: 0 bytes
 
User: Tamy2
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
 
OTL by OldTimer - Version 3.2.56.0 log created on 08092012_081945

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\logishrd\LVPrcInj02.dll not found!

PendingFileRenameOperations files...
File C:\Windows\temp\logishrd\LVPrcInj02.dll not found!

Registry entries deleted on Reboot...
         
__________________
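
A triage sketch for the fix log posted above, added here as an example (it is not part of the thread and not OTL's own code): it groups result lines by outcome and lists files that had a timestamped entry in the fix script but were reported missing when the fix ran. The function names and regular expressions are assumptions derived from the log lines shown in posts #2 and #3.

```python
import re

# Excerpts copied from the fix script (post #2) and the fix log (post #3) above.
FIX_SCRIPT = r"""
DRV - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Profi Business 2011b\WNt500x86\Sandra.sys File not found
[2012.08.08 14:47:03 | 003,564,584 | ---- | C] (Sysinternals) -- C:\Users\Tamy\Desktop\procexp.exe
[2012.08.08 11:23:09 | 000,069,120 | ---- | M] () -- C:\Windows\System32\drivers\2a398259849a3d2b.sys
"""

FIX_LOG = r"""
Service SANDRA stopped successfully!
File  C:\Program Files\SiSoftware\SiSoftware Sandra Profi Business 2011b\WNt500x86\Sandra.sys File not found not found.
Error: No service named 2a398259849a3d2b was found to stop!
File  C:\Windows\System32\drivers\2a398259849a3d2b.sys  not found.
C:\Users\Tamy\Desktop\procexp.exe moved successfully.
Unable to delete ADS C:\Windows: .
========== FILES ==========
"""

# First matching rule wins. Order matters: "Error: No service named ..." is a
# "target absent" result, not a failed action, so it is tested before "^Error".
RULES = [
    ("failed", re.compile(r"^Unable to\b")),
    ("missing", re.compile(r"\bnot found[.!]?$|^Error: No service named .+ was found to stop!$")),
    ("failed", re.compile(r"^Error\b")),
    ("done", re.compile(r"\bsuccessfully[.!]?$")),
]

# File entry in an OTL listing: [date time | size | attributes | M or C] (company) -- path
SCAN_FILE = re.compile(
    r"^\[\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2} \| [\d,]+ \| \S+ \| [MC]\] \(.*?\) -- (.+)$"
)
# "File <path> not found." in the fix log; tolerate the echoed "File not found" suffix
# that appears when the scan itself had already reported the file as absent.
LOG_MISSING = re.compile(r"^File\s+(.+?)\s+(?:File not found\s+)?not found\.$")


def classify(line):
    """Return 'done', 'missing', 'failed' or 'info' for one fix-log line."""
    line = line.strip()
    for label, pattern in RULES:
        if pattern.search(line):
            return label
    return "info"


def triage(log_text):
    """Group the non-empty lines of a fix log by outcome."""
    groups = {"done": [], "missing": [], "failed": [], "info": []}
    for raw in log_text.splitlines():
        if raw.strip():
            groups[classify(raw)].append(raw.strip())
    return groups


def vanished_since_scan(script_text, log_text):
    """Paths with a timestamped file entry at scan time that were absent at fix time."""
    seen = set()
    for line in script_text.splitlines():
        m = SCAN_FILE.match(line.strip())
        if m:
            seen.add(m.group(1).strip().lower())
    gone = set()
    for line in log_text.splitlines():
        m = LOG_MISSING.match(line.strip())
        if m and m.group(1).lower() in seen:
            gone.add(m.group(1).lower())
    return sorted(gone)


if __name__ == "__main__":
    for label, lines in triage(FIX_LOG).items():
        print(f"{label}: {len(lines)}")
    print("vanished between scan and fix:", vanished_since_scan(FIX_SCRIPT, FIX_LOG))
```

Lines in the "failed" group and paths in the vanished list are the ones to raise with the helper before treating the fix as complete.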

09.08.2012, 08:54   #4
t'john
/// Helper team

Very good!

How is the computer running?

Step 1
Please run a full scan with Malwarebytes Anti-Malware and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

Malwarebytes Anti-Malware
- Applicable to Windows 2000, XP, Vista and 7.
- Install the program to the default path.
- Update the database!
- Select "Perform full scan" => Scan.
- Select all available drives (except CD/DVD) and start the scan.
- Please have any detections deleted or quarantined.
- When the scan has finished, click "Show Results".
then:

Step 2

Please download AdwCleaner to your desktop.

  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan has finished, a text file opens.
  • Post the contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.
__________________
Regards, t'john
Support the TB

09.08.2012, 11:47   #5
Hellvetica

So far everything is running great. Many thanks


09.08.2012, 11:49   #6
t'john
/// Helper team

Your computer is neither clean nor secured.

Where are the log files?
__________________

10.08.2012, 10:32   #7
Hellvetica

Sorry, I forgot the log

Here is the log


Code:
# AdwCleaner v1.800 - Logfile created 08/10/2012 at 11:23:49
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Professional  (64 bits)
# User : Tamy - OGOZ
# Running from : C:\Users\Tamy\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [592 octets] - [10/08/2012 11:23:49]

########## EOF - C:\AdwCleaner[R1].txt - [719 octets] ##########
         

Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.10.03

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Tamy :: OGOZ [Administrator]

10.08.2012 11:21:29
mbam-log-2012-08-10 (11-21-29).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 188581
Laufzeit: 4 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

10.08.2012, 12:22   #8
t'john
/// Helper team

Very good!


  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with OK.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post the contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.


then:


Malware scan with Emsisoft Anti-Malware

Download the free version of => Emsisoft Anti-Malware and install the program.
Download the current signatures via Update Now.
Select the freeware mode.

Select Detail Scan and start the check of the computer with the Scan button.
At the end of the scan, do not let it delete anything! Click Save report to save the log file to the desktop and post it here in the thread.

Instructions: http://www.trojaner-board.de/103809-...i-malware.html
__________________
Regards, t'john
Support the TB

02.09.2012, 10:38   #9
t'john
/// Helper team

No feedback received

Are there problems working through the instructions above?

To free up capacity for others seeking help, I am removing this topic from my notifications.

If you want to continue, send me a PM or open a new topic.
http://www.trojaner-board.de/69886-a...-beachten.html


Note: The disappearance of the symptoms does not mean that your computer is clean.
__________________
Regards, t'john
Support the TB
