wssetup.exe erscheint beim Starten

Seoman1958 · 09.06.2013, 16:24

Ich habe auch das Problem mit dem wssetup.exe beim Starten meines Notebooks. Vielen Dank für eure Hilfe!

Hier meine beiden Logfiles:

PHP-Code:

  OTL logfile created on: 6/9/2013 5:15:58 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Michael\Downloads

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16576)

Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2.97 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 56.85% Memory free

5.93 Gb Paging File | 4.57 Gb Available in Paging File | 77.17% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 63.09 Gb Total Space | 27.74 Gb Free Space | 43.96% Space Free | Partition Type: NTFS

Drive D: | 387.57 Gb Total Space | 46.73 Gb Free Space | 12.06% Space Free | Partition Type: NTFS

 

Computer Name: MICHAEL-PC | User Name: ** | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

[color=#E56717]========== Processes (SafeList) ==========[/color]

 

PRC - [2013/06/09 17:11:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Downloads\OTL.exe

PRC - [2013/06/04 20:01:31 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2013/05/26 15:49:40 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe

PRC - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe

PRC - [2013/04/29 00:58:42 | 004,408,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe

PRC - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe

PRC - [2013/04/04 03:15:08 | 001,117,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe

PRC - [2013/03/28 02:48:36 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG2013\avgrsx.exe

PRC - [2013/03/18 02:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe

PRC - [2013/02/19 04:00:58 | 000,448,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe

PRC - [2012/11/30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2012/08/19 14:14:35 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe

PRC - [2012/08/15 19:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe

PRC - [2011/09/22 22:21:12 | 000,395,344 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

PRC - [2011/09/22 22:21:10 | 000,805,032 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

PRC - [2011/09/22 22:20:44 | 005,587,832 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

PRC - [2011/09/22 16:00:52 | 002,571,032 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe

PRC - [2011/03/14 17:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe

PRC - [2011/03/14 17:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe

PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2010/07/14 15:20:22 | 000,150,096 | ---- | M] (Paragon Software Group) -- C:\Program Files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhservice.exe

PRC - [2010/07/14 15:20:22 | 000,068,176 | ---- | M] (Paragon Software Group) -- C:\Program Files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhagent.exe

PRC - [2010/06/29 06:00:16 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe

PRC - [2010/02/26 18:19:54 | 003,623,424 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

PRC - [2009/12/17 14:25:08 | 000,149,136 | ---- | M] () -- C:\Program Files\TwonkyMedia\twonkymediaserverwatchdog.exe

PRC - [2009/12/17 14:25:02 | 001,148,560 | ---- | M] () -- C:\Program Files\TwonkyMedia\TwonkyMediaServer.exe

PRC - [2009/11/04 06:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe

PRC - [2009/10/26 13:53:14 | 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe

PRC - [2009/10/13 12:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe

PRC - [2009/10/07 03:31:56 | 002,246,144 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe

PRC - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe

PRC - [2009/08/13 21:58:10 | 000,044,312 | ---- | M] () -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe

PRC - [2009/06/03 13:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

PRC - [2009/04/15 16:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe

 

 

[color=#E56717]========== Modules (No Company Name) ==========[/color]

 

MOD - [2013/06/04 20:01:30 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

MOD - [2013/05/26 15:49:39 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll

MOD - [2011/10/05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

MOD - [2011/09/22 22:20:28 | 011,233,136 | ---- | M] () -- C:\Program Files\Acronis\TrueImageHome\Common\ti_managers.dll

MOD - [2011/06/22 12:46:12 | 000,434,016 | ---- | M] () -- C:\PROGRA~1\MICROS~3\Office12\ADDINS\UMOUTL~1.DLL

MOD - [2009/06/03 13:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll

MOD - [2009/06/03 13:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll

MOD - [2009/02/27 12:56:34 | 000,016,768 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\viewerps.dll

MOD - [2009/02/26 14:46:56 | 000,064,344 | ---- | M] () -- C:\PROGRA~1\MICROS~3\Office12\ADDINS\COLLEA~1.DLL

MOD - [2006/08/12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll

 

 

[color=#E56717]========== Services (SafeList) ==========[/color]

 

SRV - [2013/06/04 20:01:30 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013/05/26 15:49:52 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)

SRV - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)

SRV - [2012/08/19 14:14:35 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)

SRV - [2012/04/26 11:14:06 | 002,438,696 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)

SRV - [2011/09/22 22:21:10 | 000,805,032 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)

SRV - [2011/03/14 17:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)

SRV - [2010/07/14 15:20:22 | 000,150,096 | ---- | M] (Paragon Software Group) [On_Demand | Running] -- C:\Program Files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhservice.exe -- (Paragon System Backup Dienst)

SRV - [2010/02/26 18:19:54 | 003,623,424 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)

SRV - [2009/12/17 14:25:08 | 000,149,136 | ---- | M] () [Auto | Running] -- C:\Program Files\TwonkyMedia\twonkymediaserverwatchdog.exe -- (TwonkyMedia)

SRV - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)

SRV - [2009/08/24 21:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS.exe -- (DfSdkS)

SRV - [2009/08/13 21:58:10 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)

SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2008/08/07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

SRV - [2007/05/31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)

SRV - [2007/05/31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

 

 

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

 

DRV - [2013/05/01 12:47:56 | 000,016,048 | ---- | M] (G Data Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GdPhyMem.sys -- (GdPhyMem)

DRV - [2013/03/29 02:53:48 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)

DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)

DRV - [2013/03/01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)

DRV - [2013/02/18 10:22:18 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2013/02/08 04:37:58 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)

DRV - [2013/02/08 04:37:56 | 000,245,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)

DRV - [2013/02/08 04:37:52 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)

DRV - [2013/02/08 04:37:44 | 000,170,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)

DRV - [2013/02/08 04:37:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)

DRV - [2012/09/27 22:16:09 | 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)

DRV - [2012/09/27 22:16:09 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)

DRV - [2012/09/27 22:16:09 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)

DRV - [2012/09/27 22:16:09 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)

DRV - [2012/09/27 22:16:09 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)

DRV - [2012/09/27 22:16:09 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)

DRV - [2012/08/23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV - [2012/08/23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2012/08/19 14:14:36 | 000,167,968 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)

DRV - [2012/08/19 14:14:34 | 000,752,128 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tdrpm273.sys -- (tdrpman273)

DRV - [2012/08/19 14:14:33 | 000,600,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)

DRV - [2012/08/19 14:14:29 | 000,170,528 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)

DRV - [2011/12/15 20:29:42 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)

DRV - [2011/12/13 04:32:24 | 002,228,224 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)

DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)

DRV - [2010/07/14 15:20:22 | 000,395,464 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)

DRV - [2010/07/14 15:20:20 | 000,056,208 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)

DRV - [2010/07/14 15:20:20 | 000,037,080 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)

DRV - [2009/11/06 06:07:10 | 009,923,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2009/09/28 11:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)

DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)

 

 

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

 

 

[color=#E56717]========== Internet Explorer ==========[/color]

 

IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

 

 

IE - HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn

IE - HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn

IE - HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}

IE - HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_deDE387

IE - HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

[color=#E56717]========== FireFox ==========[/color]

 

FF - prefs.js..browser.startup.homepage: "hxxp://www.htp.net/"

FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9

FF - prefs.js..extensions.enabledAddons: %7Bd49175b3-3fd8-43b8-b28e-da5d47f3c398%7D:1.0.49

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0

FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.747

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2

FF - prefs.js..extensions.enabledItems: 5

FF - prefs.js..extensions.enabledItems: 3

FF - prefs.js..extensions.enabledItems: 1

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - prefs.js..extensions.enabledItems: {d49175b3-3fd8-43b8-b28e-da5d47f3c398}:1.0.36

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31

FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\windows\system32\TVUAx\npTVUAx.dll (TVU networks)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Security Suite CBE 12\FFExt\linkfilter@kaspersky.ru

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/04 20:01:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/04 20:01:24 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/04 20:01:32 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/04 20:01:24 | 000,000,000 | ---D | M]

 

[2010/07/06 16:14:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Extensions

[2013/05/31 01:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\mulazplg.default\extensions

[2011/03/06 18:58:05 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\mulazplg.default\extensions\firefox@tvunetworks.com

[2013/01/01 15:35:38 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\mulazplg.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

[2013/05/31 01:04:03 | 000,395,933 | ---- | M] () (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\mulazplg.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi

[2012/10/05 19:03:56 | 000,003,915 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\mulazplg.default\searchplugins\sweetim.xml

[2013/06/04 20:01:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2013/06/04 20:01:23 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\mozilla firefox\extensions\KavAntiBanner@kaspersky.ru_bak2

[2013/06/04 20:01:23 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru_bak2

[2013/06/04 20:01:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions

[2013/06/04 20:01:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2012/02/18 13:37:19 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010/06/29 06:01:22 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

 

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)

O4 - HKLM..\Run: [APLangApp] C:\Program Files\AnyPC Client\APLangApp.exe (DoctorSoft)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [DBHAgent] C:\Program Files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhagent.exe (Paragon Software Group)

O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)

O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)

O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)

O4 - HKLM..\Run: [SAOB Monitor] C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)

O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)

O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)

O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B615BCA-6C96-4AC0-99A9-F03F078B60B1}: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4BDC275-5456-4B8E-AD67-E39D988F8DBC}: NameServer = 139.7.30.125 139.7.30.126

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - Winlogon\Notify\klogon: DllName - (C:\windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{49486541-08dd-11e2-b70a-00245466819f}\Shell - "" = AutoRun

O33 - MountPoints2\{49486541-08dd-11e2-b70a-00245466819f}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{49486564-08dd-11e2-b70a-00245466819f}\Shell - "" = AutoRun

O33 - MountPoints2\{49486564-08dd-11e2-b70a-00245466819f}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

 

[2013/06/04 20:01:23 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2013/05/26 20:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Nikon

[2013/05/26 16:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Multipressor

[2013/05/26 16:10:30 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\Nikon

[2013/05/26 16:10:30 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\Nikon

[2013/05/26 15:57:29 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb

[2013/05/26 15:57:28 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll

[2013/05/26 15:57:28 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll

[2013/05/26 15:57:27 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll

[2013/05/26 15:57:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll

[2013/05/26 15:57:26 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll

[2013/05/26 15:57:26 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll

[2013/05/26 15:57:26 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe

[2013/05/26 15:57:26 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe

[2013/05/26 15:57:26 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll

[2013/05/26 15:50:07 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys

[2013/05/26 15:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2

[2013/05/26 15:49:54 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\authui.dll

[2013/05/26 15:49:54 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe

[2013/05/26 15:49:44 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wwanprotdim.dll

[2013/05/26 15:48:34 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys

[2013/05/26 15:45:27 | 000,000,000 | RH-D | C] -- C:\ProgramData\Extensions

[2013/05/26 15:44:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2

[2013/05/26 15:44:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon

[2013/05/26 15:44:05 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon

[2013/05/26 15:43:54 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ATL71.DLL

[2013/05/26 15:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15

[2013/05/26 15:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Flags

[2013/05/26 15:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp

[2013/05/26 15:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Electric Clav

[2013/05/26 15:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon

[2013/05/26 15:37:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

 

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

 

[2013/06/09 17:13:38 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013/06/09 17:13:38 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013/06/09 17:06:48 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/06/09 17:05:44 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2013/06/09 17:05:41 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys

[2013/06/07 18:49:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2013/06/07 18:40:01 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/06/04 19:48:32 | 000,694,664 | ---- | M] () -- C:\windows\System32\perfh00C.dat

[2013/06/04 19:48:32 | 000,689,342 | ---- | M] () -- C:\windows\System32\perfh010.dat

[2013/06/04 19:48:32 | 000,654,400 | ---- | M] () -- C:\windows\System32\perfh007.dat

[2013/06/04 19:48:32 | 000,616,242 | ---- | M] () -- C:\windows\System32\perfh009.dat

[2013/06/04 19:48:32 | 000,130,374 | ---- | M] () -- C:\windows\System32\perfc00C.dat

[2013/06/04 19:48:32 | 000,130,240 | ---- | M] () -- C:\windows\System32\perfc007.dat

[2013/06/04 19:48:32 | 000,127,378 | ---- | M] () -- C:\windows\System32\perfc010.dat

[2013/06/04 19:48:32 | 000,106,622 | ---- | M] () -- C:\windows\System32\perfc009.dat

[2013/05/26 20:39:24 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT

[2013/05/26 20:32:39 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLev.DAT

[2013/05/26 20:30:57 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2013/05/26 16:16:09 | 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\ViewNX 2.lnk

[2013/05/26 16:15:29 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLeo.DAT

[2013/05/26 16:15:28 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Font Book

[2013/05/26 16:15:28 | 000,000,268 | RH-- | M] () -- C:\Users\Michael\AppData\Roaming\Flanger

[2013/05/26 16:06:57 | 000,431,480 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT

[2013/05/26 15:49:40 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe

[2013/05/26 15:49:40 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl

[2013/05/26 15:45:27 | 000,000,268 | RH-- | M] () -- C:\Users\Michael\AppData\Roaming\Enhance Tuning

[2013/05/26 15:45:27 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLes.DAT

[2013/05/26 15:43:38 | 000,000,268 | RH-- | M] () -- C:\ProgramData\External Build System

[2013/05/26 15:43:38 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Examples

[2013/05/26 15:43:38 | 000,000,268 | RH-- | M] () -- C:\Users\Michael\AppData\Roaming\Equalizer

[2013/05/26 15:43:38 | 000,000,268 | RH-- | M] () -- C:\Users\Michael\AppData\Roaming\Enhance Timing

[2013/05/26 15:43:05 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ATL71.DLL

[2013/05/26 15:37:57 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk

[2013/05/11 12:44:31 | 000,012,931 | ---- | M] () -- C:\Users\Michael\Documents\i can't dance.p2g

[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

 

[color=#E56717]========== Files Created - No Company Name ==========[/color]

 

[2013/05/26 20:30:57 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2013/05/26 16:15:28 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Font Book

[2013/05/26 16:15:28 | 000,000,268 | RH-- | C] () -- C:\Users\Michael\AppData\Roaming\Flanger

[2013/05/26 16:15:28 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT

[2013/05/26 15:45:27 | 000,000,268 | RH-- | C] () -- C:\Users\Michael\AppData\Roaming\Enhance Tuning

[2013/05/26 15:45:27 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT

[2013/05/26 15:44:15 | 000,002,049 | ---- | C] () -- C:\Users\Public\Desktop\ViewNX 2.lnk

[2013/05/26 15:43:38 | 000,000,268 | RH-- | C] () -- C:\ProgramData\External Build System

[2013/05/26 15:43:38 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Examples

[2013/05/26 15:43:38 | 000,000,268 | RH-- | C] () -- C:\Users\Michael\AppData\Roaming\Equalizer

[2013/05/26 15:43:38 | 000,000,268 | RH-- | C] () -- C:\Users\Michael\AppData\Roaming\Enhance Timing

[2013/05/26 15:43:38 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT

[2013/05/26 15:43:38 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT

[2013/05/11 12:44:31 | 000,012,931 | ---- | C] () -- C:\Users\Michael\Documents\i can't dance.p2g

[2013/04/12 19:35:43 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv5

[2012/10/13 11:46:01 | 001,057,387 | ---- | C] () -- C:\windows\System32\sig.bin

[2012/05/17 17:44:44 | 000,017,408 | ---- | C] () -- C:\Users\Michael\AppData\Local\WebpageIcons.db

[2010/08/14 13:37:27 | 000,000,000 | ---- | C] () -- C:\Users\Michael\AppData\Roaming\wklnhst.dat

[2010/07/06 14:37:11 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

 

[color=#E56717]========== ZeroAccess Check ==========[/color]

 

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 
< End of report >

Code:

ATTFilter

OTL Extras logfile created on: 6/9/2013 5:15:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Michael\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.97 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 56.85% Memory free
5.93 Gb Paging File | 4.57 Gb Available in Paging File | 77.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 63.09 Gb Total Space | 27.74 Gb Free Space | 43.96% Space Free | Partition Type: NTFS
Drive D: | 387.57 Gb Total Space | 46.73 Gb Free Space | 12.06% Space Free | Partition Type: NTFS
 
Computer Name: MICHAEL-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1072828290-3828818215-1948454868-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02007219-019D-403E-88A4-952E741C9CC1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0A50BF23-04D0-42C9-93CA-A3595CA55164}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0C4F788F-267B-4FE3-847F-FB7613332A8A}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{12650E80-432B-45B4-8E93-787FCBD611F1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{12AFA8F1-5038-4BCC-B83C-93358FFB8A87}" = rport=139 | protocol=6 | dir=out | app=system | 
"{22D614AD-9D2C-427E-A0C4-AC0A7640002F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{351FC438-771F-48E5-9A5A-906CF83C4542}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{54F88E13-9654-4076-B8E8-1E9BC366FC0C}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{65A897A6-3CC7-41BE-97F8-423A51A3ED69}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{69602ACA-E7E8-4D83-B419-9AD56023F2D4}" = rport=138 | protocol=17 | dir=out | app=system | 
"{6C94FBAF-F0E8-462D-A654-DD7AA421F10A}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{84573A3C-B22B-44C1-8A66-21EE82C3D30A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{89BDDA84-D493-4419-BEB6-2B81C485F501}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8F941594-30BF-43E7-A526-CA1677C26944}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8FAAA6CE-7CEA-4D05-811B-77401B96121A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9996150D-BD90-42DB-8C2F-8C9B59D89CAE}" = lport=137 | protocol=17 | dir=in | app=system | 
"{BD3D0AAA-C20D-44E0-89DA-177D1A809651}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BEBBAFCC-C378-4538-A25B-D8CD17275F88}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CD77EAFD-9E6A-4B9E-AA6A-622B5DD32F8D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E0E65A92-1A11-470E-9573-F5AED7272A7D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E707D949-21B7-4DDB-AB15-18F9DACE9149}" = lport=139 | protocol=6 | dir=in | app=system | 
"{EBDC79C4-D918-4489-BB5A-377607B332E2}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F0AFA054-05CD-4EA9-BBA3-1652941CBECE}" = rport=137 | protocol=17 | dir=out | app=system | 
"{FA1E46EF-A2AC-4215-BDBF-23480B411B0F}" = lport=80 | protocol=6 | dir=in | name=http | 
"{FB278F6B-870D-40A5-A1EB-ABDF9805F64D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FE773393-B80E-4DB7-B63D-AD76C2CC6EA7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07FF0C04-61B6-4636-88A9-62D4F2C8501A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{19343F13-8E89-435A-9584-389B97760D84}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{1B4A8D63-D7D1-415C-803A-98E0DFD28F92}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe | 
"{1D016E15-9399-43DA-AAAF-ABF09A2A148C}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe | 
"{24473C82-A8DB-4C8A-B6F8-C07A3D23DA75}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{24695B1C-78E2-4193-BEB4-FE946B07F25C}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{30A83205-1B78-444C-9848-013FDB7B2DD2}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | 
"{3AAE6E3D-BE39-4B8F-A765-0B08DEEAC5E3}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{3AC32F33-032B-4C10-AFC3-CF4481176F36}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3DACFF25-E8C1-4282-9D70-D0F517597324}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe | 
"{4704FFD6-4E89-40F2-B643-69F2A7C562B8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{473F9866-9F55-49F2-9B46-F4E6D93CFF9C}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe | 
"{49248FA3-EDAC-4FA6-8C0E-18FDD61F7DAD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{49681F09-7951-4A5F-B98B-0689CD81B66A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4A94F875-C6D6-402C-9567-D653C4E2F3BF}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{4E7F96FE-AFE7-4C15-AE44-5114CD500060}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{58BB822B-E7B0-44D6-844D-7D3A2E7CB4ED}" = protocol=6 | dir=out | app=system | 
"{5A98B02A-5DA7-42D1-A1B2-707051DC7DE1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5E8196E4-077D-43F1-9E18-18A6A584FDF1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{61A6D4DA-827D-4C02-B7CA-4AFD0E4AE122}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{6460FA0D-7431-490B-B9C7-1996EEED2C58}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{64C81CC3-87F1-4071-83FE-EAF36E6EB822}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | 
"{71C4185A-B78C-48A2-B834-3F549396A112}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{73E30D35-EBEB-47D4-ACE6-826D49B10E29}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{773D060E-70CF-406C-B2C8-DFFBDB44FFAA}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{79FB855A-DED3-4D86-9035-50014026B1B7}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | 
"{7AFDE651-8994-4005-ABEC-A69564F85953}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | 
"{7C8817A0-7E0E-4D97-8CEA-32EA6802A1BE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7E0A1F95-A6EA-483C-8E58-00CEB1357C73}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{7F14DD2C-450C-44EE-946B-C3ED9A5835F9}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | 
"{80763932-6272-4EC3-922F-91E8FFCFF411}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{8753B019-D0E2-4D88-A5CC-7A0C30DED381}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{87AE0E9B-CD23-42BF-8F0F-1032707CD17E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{88435862-6516-40F6-B4EF-7068AF053E42}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8C050D42-9A64-47A7-AAA8-D48D3659EBFE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{A0F5BE82-46D9-458F-86DD-8C3A1B5424B0}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
"{B15FED65-ECC3-4682-B20C-A5C9F0692518}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B97F9BF1-EB95-47DD-A3B5-3FFB4003B672}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe | 
"{C30B77C3-2880-4046-BFE0-A6A8B6E34B36}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CA839932-BF4B-47B3-9992-D9C03A8417EF}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
"{CB180A22-9E7C-4988-AC8E-4FCB1A5F9A36}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{D40D6DEB-B149-42FD-B816-41E6CFF08A6F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D7B208A4-CC9C-43EF-956C-E574EBAB0D5D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D8AABC73-EB37-4062-82CF-E334CAFD07E7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{D8D81B36-CC17-44DE-A7E5-C9396826FCF2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{D9372FFC-6512-48D0-8D3A-84826B0502AF}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{DE85B61E-4C86-4186-A0A1-7B49450DA460}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{E1A7A75B-BFED-40C7-9BED-8BDFE4CD3012}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E5E208BE-54AF-4BC0-892F-77BAB4540047}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | 
"{E796C6B6-E1AB-46D1-8CA8-8A89FB51BDC6}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{EDF44AE9-AC13-4076-B3C7-A4A7CFE05609}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{F853473A-DB82-4BBA-A563-79CF19DC6EF5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | 
"{FBA2E909-CB10-4A09-BE75-1F3036E26D6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FF66BC49-C837-4E0B-8F85-55C11C43F8B5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | 
"{FF9FC9D6-D175-4F2F-9207-3D32F2EC24B3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{3B0C904E-34B5-4323-AF4B-9938FBBD0350}C:\program files\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader\jre\bin\javaw.exe | 
"TCP Query User{64C46CDD-02FD-497E-8CB9-9529989442F6}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{92BF445E-7F77-4FBE-98CD-A0E7885D00DD}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{B4D2D7BB-EB02-4253-878C-E75794D54C3C}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{BD32B906-FDBB-4460-8C39-11C1B9A4710D}C:\program files\twonkymedia\mediamanager\twonkymediamanager.exe" = protocol=6 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
"TCP Query User{D88CF36C-DC63-4038-A9A5-8F01B49DE664}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{1745FE50-91E2-485B-9714-E8E71E7FED68}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{53A5D169-2125-4DE7-B678-B17980493692}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{82F89C51-B686-4FAD-8A7D-6966A6B8D591}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{BFE650E5-6BF5-4B45-A232-FB8892069E2C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{C23DC4B5-E8E5-4C35-B58C-A9451DBCCAA2}C:\program files\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{C9E321A2-465D-4E10-B534-287A2747F803}C:\program files\twonkymedia\mediamanager\twonkymediamanager.exe" = protocol=17 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013CCA52-DA56-4133-AC2B-1988A9568C30}" = Native Instruments Audio 4 DJ Driver
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis*True*Image*Home 2011
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{09D29DA8-F155-4AEA-A110-FA5F10895D88}" = COMPUTERBILD-Abzockschutz
"{0AFCF5C4-D09B-4BAA-8C4D-1F61CF67BD65}" = mufin player 2.0
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client
"{1E1DFF42-2EE8-4852-A7AB-C5174321D68F}" = Paragon Backup & Recovery™ 11 Kompakt
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23A66953-369C-4d22-A189-C6E403D4A19F}" = Native Instruments Audio 2 DJ Driver
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{2AE79B77-E3FA-4F9C-93D7-4FC643516D6A}" = AVG 2013
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4209F371-7B85-60AD-E5CE-E4409D39E3DE}_is1" = Ashampoo WinOptimizer 2013 v.1.0.0
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{612601db-4776-4127-bab5-d84b8644e530}" = Native Instruments Traktor Kontrol X1 Driver
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7CC673E7-5271-409D-B196-BB76DA60300B}" = TwonkyMedia Windows Components
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5675A9E-F073-414A-9A04-F9BCD50459D7}" = Easy Network Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5089197-5B15-44AD-B0FC-2E94EE9ECB63}" = WinSysClean X
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCC2B140-B47A-45FA-AAE3-BD60DA41AE00}" = Samsung Support Center
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{DEE76D44-8D7C-4A32-8FAE-A813817631FC}" = AVG 2013
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E64C137C-D0B7-467A-B47F-460AAB30F0A3}" = ViewNX 2
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Allway Sync_is1" = Allway Sync version 12.12.13
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"AVG" = AVG 2013
"CCleaner" = CCleaner
"CdCoverCreator" = CdCoverCreator 2.5.3
"CDex" = CDex - Open Source Digital Audio CD Extractor
"CyberGhost VPN_is1" = CyberGhost VPN
"Defraggler" = Defraggler
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.419
"Imperium Romanum" = Imperium Romanum 1.04 Gold Edition
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"MAGIX_MSI_mufin_player_2" = mufin player 2.0
"Marvell Miniport Driver" = Marvell Miniport Driver
"MediaMonkey_is1" = MediaMonkey 4.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"TwonkyMedia Manager" = TwonkyMedia Manager
"Veetle TV" = Veetle TV 0.9.18
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"Virtual DJ Home Edition - Atomix Productions" = Virtual DJ Home Edition - Atomix Productions
"VLC media player" = VLC media player 1.1.0
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1072828290-3828818215-1948454868-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 4/28/2013 1:33:42 PM | Computer Name = Michael-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 4/28/2013 2:20:05 PM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 20.0.1.4847,
 Zeitstempel: 0x51650aee  Name des fehlerhaften Moduls: xul.dll, Version: 20.0.1.4847,
 Zeitstempel: 0x51650a09  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000b10e8  ID des fehlerhaften
 Prozesses: 0x1404  Startzeit der fehlerhaften Anwendung: 0x01ce443bcbf6f4c4  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: 3fba5bee-b030-11e2-b742-00245466819f
 
Error - 5/1/2013 6:31:43 AM | Computer Name = Michael-PC | Source = Windows Search Service | ID = 3100
Description = 
 
Error - 5/1/2013 7:17:44 AM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Name des fehlerhaften Moduls: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Ausnahmecode: 0x40000015  Fehleroffset: 0x001bdc0f  ID des fehlerhaften
 Prozesses: 0x156c  Startzeit der fehlerhaften Anwendung: 0x01ce465d78c7a824  Pfad der
 fehlerhaften Anwendung: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Berichtskennung:
 be356ea9-b250-11e2-acf3-00245466819f
 
Error - 5/1/2013 7:19:30 AM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Name des fehlerhaften Moduls: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Ausnahmecode: 0x40000015  Fehleroffset: 0x001bdc0f  ID des fehlerhaften
 Prozesses: 0x14f0  Startzeit der fehlerhaften Anwendung: 0x01ce465db9349c17  Pfad der
 fehlerhaften Anwendung: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Berichtskennung:
 fdc03fe1-b250-11e2-acf3-00245466819f
 
Error - 5/1/2013 7:20:46 AM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Name des fehlerhaften Moduls: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Ausnahmecode: 0x40000015  Fehleroffset: 0x001bdc0f  ID des fehlerhaften
 Prozesses: 0x324  Startzeit der fehlerhaften Anwendung: 0x01ce465de641dd1e  Pfad der
 fehlerhaften Anwendung: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Berichtskennung:
 2ab5da36-b251-11e2-acf3-00245466819f
 
Error - 5/1/2013 8:37:38 AM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Name des fehlerhaften Moduls: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Ausnahmecode: 0x40000015  Fehleroffset: 0x001bdc0f  ID des fehlerhaften
 Prozesses: 0xa68  Startzeit der fehlerhaften Anwendung: 0x01ce4668a1f8e0e8  Pfad der
 fehlerhaften Anwendung: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Berichtskennung:
 e78f1ed1-b25b-11e2-9f27-00245466819f
 
Error - 5/1/2013 12:00:25 PM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Name des fehlerhaften Moduls: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Ausnahmecode: 0x40000015  Fehleroffset: 0x001bdc0f  ID des fehlerhaften
 Prozesses: 0x150c  Startzeit der fehlerhaften Anwendung: 0x01ce4684f70936b2  Pfad der
 fehlerhaften Anwendung: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Berichtskennung:
 3bd51fa4-b278-11e2-93b8-00245466819f
 
Error - 5/5/2013 1:59:31 PM | Computer Name = Michael-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 5/26/2013 9:42:47 AM | Computer Name = Michael-PC | Source = Windows Backup | ID = 4103
Description = 
 
[ System Events ]
Error - 6/7/2013 12:13:38 PM | Computer Name = Michael-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "\\?\Volume{8a99a86f-e1bd-11de-8c60-806e6f6e6963}" können nicht gelesen werden.
 
Error - 6/7/2013 12:15:16 PM | Computer Name = Michael-PC | Source = Microsoft-Windows-Application-Experience | ID = 205
Description = Der Dienst "Programmkompatibilitäts-Assistent" konnte Phase 2 nicht
 initialisieren.
 
Error - 6/7/2013 1:07:33 PM | Computer Name = Michael-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 6/9/2013 10:58:29 AM | Computer Name = Michael-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "\\?\Volume{8a99a86e-e1bd-11de-8c60-806e6f6e6963}" können nicht gelesen werden.
 
Error - 6/9/2013 10:58:29 AM | Computer Name = Michael-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "\\?\Volume{8a99a86f-e1bd-11de-8c60-806e6f6e6963}" können nicht gelesen werden.
 
Error - 6/9/2013 11:04:37 AM | Computer Name = Michael-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 6/9/2013 11:05:48 AM | Computer Name = Michael-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "\\?\Volume{8a99a86e-e1bd-11de-8c60-806e6f6e6963}" können nicht gelesen werden.
 
Error - 6/9/2013 11:05:48 AM | Computer Name = Michael-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "\\?\Volume{8a99a86f-e1bd-11de-8c60-806e6f6e6963}" können nicht gelesen werden.
 
Error - 6/9/2013 11:07:23 AM | Computer Name = Michael-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 6/9/2013 11:07:23 AM | Computer Name = Michael-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
 
< End of report >

wssetup.exe erscheint beim Starten

Plagegeister aller Art und deren Bekämpfung: wssetup.exe erscheint beim Starten

wssetup.exe erscheint beim Starten

Ähnliche Themen: wssetup.exe erscheint beim Starten