Gregor259 | 04.02.2013 19:38 | Trojaner: Artemis!697E81D4CFBD Hallo zusammen,
McAfee macht folgende Aussage.
Name der Bedrohung: Artemis!697E81D4CFBD (Trojaner)
Datei: D:\ xxx\ Backup Set 2011-11-30 190004\ Backup Files 2011-11-30 190004\Backup Files 23.zip Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Datenbank Version: v2013.02.01.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Greech :: xxxx [Administrator]
01.02.2013 22:42:02
mbam-log-2013-02-01 (22-42-02).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 238572
Laufzeit: 38 Minute(n), 56 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende) Code:
OTL logfile created on: 02.02.2013 18:29:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Greech\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 58,04% Memory free
7,73 Gb Paging File | 5,84 Gb Available in Paging File | 75,64% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,59 Gb Total Space | 10,46 Gb Free Space | 17,85% Space Free | Partition Type: NTFS
Drive D: | 397,30 Gb Total Space | 188,60 Gb Free Space | 47,47% Space Free | Partition Type: NTFS
Computer Name: GREGORHAMBITZER | User Name: Greech | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.02.02 18:28:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Greech\Desktop\OTL.exe
PRC - [2013.01.20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Greech\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.01.20 11:07:39 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.08.28 06:41:08 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.08.28 06:41:06 | 000,247,768 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012.08.14 13:58:58 | 000,646,800 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2010.09.09 13:38:16 | 000,452,016 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2010.08.19 09:52:14 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010.08.19 09:52:04 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2008.12.18 21:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe
PRC - [2007.10.09 15:21:06 | 000,169,328 | ---- | M] (Maxtor Corporation) -- C:\Program Files (x86)\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
PRC - [2007.10.09 15:21:02 | 000,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Basics\Service\SyncServicesBasics.exe
========== Modules (No Company Name) ==========
MOD - [2013.01.20 11:07:39 | 003,022,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.12.26 09:52:34 | 000,182,312 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012.12.26 09:49:32 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012.12.26 09:47:40 | 000,241,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012.08.31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012.08.31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012.08.31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012.08.31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012.08.31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012.08.31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012.08.31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2009.09.08 17:56:00 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.17 01:06:00 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2013.01.20 11:07:39 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.10 14:38:25 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.16 21:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012.08.28 06:41:08 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.03.28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.08.19 09:52:04 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.09 14:52:16 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2009.07.02 01:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- c:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.12.18 21:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008.04.07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.10.09 15:21:02 | 000,124,280 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\Basics\Service\SyncServicesBasics.exe -- (Basics Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\WNt500x64\Sandra.sys -- (SANDRA)
DRV:64bit: - [2012.12.26 09:55:26 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012.12.26 09:52:44 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012.12.26 09:51:24 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012.12.26 09:50:48 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012.12.26 09:49:42 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012.12.26 09:49:00 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012.12.26 09:48:30 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012.09.28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.04.20 15:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.21 09:53:33 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.02.21 09:43:51 | 000,343,160 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011.10.09 14:43:48 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2011.06.10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.08.31 18:09:00 | 000,256,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010.08.07 17:49:04 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.07.27 15:26:34 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010.07.27 09:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2009.09.17 21:54:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.09.08 18:31:00 | 006,204,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.08.23 04:02:00 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.17 18:06:00 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.07.17 01:06:00 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.07.01 23:26:34 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.07.01 23:26:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.07.01 23:26:34 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.07.01 23:26:34 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.06.15 20:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ECBDF3D7-9251-4EAE-8357-8E7BFBC470D7}
IE:64bit: - HKLM\..\SearchScopes\{ECBDF3D7-9251-4EAE-8357-8E7BFBC470D7}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {EADD793C-E265-4C2E-ABD2-4D7F56850E08}
IE - HKLM\..\SearchScopes\{EADD793C-E265-4C2E-ABD2-4D7F56850E08}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sportjugend.de/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {EADD793C-E265-4C2E-ABD2-4D7F56850E08}
IE - HKCU\..\SearchScopes\{7B7EDC42-9525-4A85-A043-295E2739D645}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{A5F6E64B-E48E-4840-BB99-97F169476EBF}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Sichere Suche"
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.sportjugend-rlp.de/"
FF - prefs.js..extensions.enabledAddons: 2020Player%402020Technologies.com:4.5.4.0
FF - prefs.js..extensions.enabledAddons: amznUWL2%40amazon.com:1.10
FF - prefs.js..extensions.enabledAddons: finder%40meingutscheincode.de:3.0.3
FF - prefs.js..extensions.enabledAddons: formhistory%40yahoo.com:1.3.0.3
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15
FF - prefs.js..extensions.enabledAddons: %7B1BC9BA34-1EED-42ca-A505-6D2F1A935BBB%7D:4.12.22.2
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.1.1
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.5.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:4.5.4.0
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Greech\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.12.16 18:32:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013.01.26 17:23:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.20 11:07:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.20 11:07:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.01.06 13:39:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.20 11:07:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.20 11:07:34 | 000,000,000 | ---D | M]
[2010.09.27 16:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Greech\AppData\Roaming\mozilla\Extensions
[2010.09.27 16:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Greech\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.02.02 14:41:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Greech\AppData\Roaming\mozilla\Firefox\Profiles\ol3kxz6m.default\extensions
[2012.12.27 13:47:48 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Greech\AppData\Roaming\mozilla\Firefox\Profiles\ol3kxz6m.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010.12.22 20:52:01 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\Greech\AppData\Roaming\mozilla\Firefox\Profiles\ol3kxz6m.default\extensions\2020Player@2020Technologies.com
[2012.11.19 20:07:50 | 000,000,000 | ---D | M] (Form History Control) -- C:\Users\Greech\AppData\Roaming\mozilla\Firefox\Profiles\ol3kxz6m.default\extensions\formhistory@yahoo.com
[2011.12.27 12:10:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Greech\AppData\Roaming\mozilla\Firefox\Profiles\v71jg1bn.default\extensions
[2012.09.19 16:51:09 | 000,243,287 | ---- | M] () (No name found) -- C:\Users\Greech\AppData\Roaming\mozilla\firefox\profiles\ol3kxz6m.default\extensions\amznUWL2@amazon.com.xpi
[2011.09.21 19:31:55 | 000,105,020 | ---- | M] () (No name found) -- C:\Users\Greech\AppData\Roaming\mozilla\firefox\profiles\ol3kxz6m.default\extensions\finder@meingutscheincode.de.xpi
[2013.02.02 14:41:19 | 000,111,083 | ---- | M] () (No name found) -- C:\Users\Greech\AppData\Roaming\mozilla\firefox\profiles\ol3kxz6m.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.01.31 19:03:42 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Greech\AppData\Roaming\mozilla\firefox\profiles\ol3kxz6m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.13 18:19:29 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Greech\AppData\Roaming\mozilla\firefox\profiles\ol3kxz6m.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012.09.06 17:29:16 | 000,002,209 | ---- | M] () -- C:\Users\Greech\AppData\Roaming\mozilla\firefox\profiles\ol3kxz6m.default\searchplugins\englische-ergebnisse.xml
[2012.09.06 17:29:16 | 000,010,506 | ---- | M] () -- C:\Users\Greech\AppData\Roaming\mozilla\firefox\profiles\ol3kxz6m.default\searchplugins\gmx-suche.xml
[2013.01.20 11:07:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.01.20 11:07:32 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013.01.20 11:07:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.01.20 11:07:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.12.16 18:32:17 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2013.01.20 11:07:39 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.09.06 17:26:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 17:26:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.09.06 17:26:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 17:26:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.13 17:24:02 | 000,002,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.09.06 17:26:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 17:26:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20130126162730.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130126162731.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [basicsmssmenu] C:\Program Files (x86)\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe (Maxtor Corporation)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\Greech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Greech\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0850A2CA-3F69-46DE-9009-9950EDD656C1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57632302-1E45-45C7-AFCB-8706CF538B92}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F145E0D-327D-4FC5-9D85-15D938859915}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E1DB2FD4-C33D-429F-BEDA-2F4841B9DC97}: NameServer = 193.189.244.225 193.189.244.206
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{052ed5f0-6b62-11e1-bec9-0026b9215a2b}\Shell - "" = AutoRun
O33 - MountPoints2\{052ed5f0-6b62-11e1-bec9-0026b9215a2b}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\{76d961c9-2e09-11e0-bbe8-0026b9215a2b}\Shell - "" = AutoRun
O33 - MountPoints2\{76d961d6-2e09-11e0-bbe8-0026b9215a2b}\Shell - "" = AutoRun
O33 - MountPoints2\{76d961d6-2e09-11e0-bbe8-0026b9215a2b}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a4b82e18-aae5-11e1-8dc3-0026b9215a2b}\Shell - "" = AutoRun
O33 - MountPoints2\{a4b82e18-aae5-11e1-8dc3-0026b9215a2b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.02.02 18:28:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Greech\Desktop\OTL.exe
[2013.02.02 14:33:58 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{7DFC1E8F-71BB-4746-9D8F-400F3427AC3F}
[2013.02.02 14:23:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.02.01 22:40:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.01 22:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.01 22:40:10 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.01 22:39:38 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\Programs
[2013.02.01 15:49:30 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{501FAB45-587F-4C31-8623-08083DC15CB9}
[2013.01.31 18:56:20 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{82057F07-3803-4EEC-B3F4-DF2D6B55278C}
[2013.01.29 14:29:00 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{BB330BD4-5343-4F1F-8FEB-6A0C4067EA81}
[2013.01.28 14:30:54 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{03E91A0C-1EE4-41FB-8CFC-A9755EE870F7}
[2013.01.27 16:54:02 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{F5399CDF-14EE-4DBF-9DBB-31F27781DDFF}
[2013.01.26 16:10:33 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{5463F695-72F6-4729-BDA3-34613CB9C703}
[2013.01.24 18:40:14 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{ECF238DC-ECBB-4041-B541-2B57513ABF19}
[2013.01.23 16:28:01 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{33C78848-0644-48FE-A531-B3DAC1B3EE99}
[2013.01.22 17:20:16 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{B94DF105-E921-4EE8-BAA9-EFB73799BF32}
[2013.01.21 14:55:27 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{493CFEBE-436C-4D06-A1AA-A794C4478566}
[2013.01.20 11:07:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.20 10:46:16 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{A8664410-556D-49FF-9D66-4F12767A9736}
[2013.01.17 16:38:04 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{EDEA75DA-6BA5-47CC-B2FE-F6E4AAFED052}
[2013.01.16 18:45:51 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{82ADCA2A-3650-4149-A27E-F919DFA1D6C9}
[2013.01.15 15:39:42 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{088B1186-0DB2-4849-88A0-EB6C9B86487A}
[2013.01.14 15:13:04 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{5C6B8EB8-4998-40C3-AE74-97D1090AF19E}
[2013.01.13 16:33:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox.bak
[2013.01.13 16:30:28 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{9DBB3367-109D-4A20-9D40-A232568F16F6}
[2013.01.11 14:18:26 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{7E68B3BC-95BD-42E0-9315-4D6330CCE151}
[2013.01.10 14:25:06 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{6304B9EE-354F-43A8-9F81-DF595BED3CD8}
[2013.01.09 14:13:25 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{0449A979-1150-4DB1-8253-16F41805315E}
[2013.01.08 14:26:01 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{33BBCECF-C222-4D94-9049-6FC641DD4B53}
[2013.01.07 15:05:35 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{3BC1533B-CA1E-45B4-97C6-00949526E98C}
[2013.01.06 15:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.01.06 15:00:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.01.06 15:00:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.01.06 15:00:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.01.06 15:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.01.06 13:37:40 | 000,000,000 | ---D | C] -- C:\Users\Greech\AppData\Local\{55145730-1034-4250-9A5D-BF186FE70A60}
========== Files - Modified Within 30 Days ==========
[2013.02.02 18:38:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.02 18:28:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Greech\Desktop\OTL.exe
[2013.02.02 18:27:05 | 000,000,000 | ---- | M] () -- C:\Users\Greech\defogger_reenable
[2013.02.02 18:22:44 | 000,050,477 | ---- | M] () -- C:\Users\Greech\Desktop\Defogger.exe
[2013.02.02 18:16:28 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.02 18:16:28 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.02 18:16:28 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.02 18:16:28 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.02 18:16:28 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.02 18:14:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.02 17:45:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.02 15:52:48 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.02 15:52:48 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.02 15:45:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.01 22:40:30 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.01 16:21:28 | 000,874,750 | ---- | M] () -- C:\Users\Greech\Desktop\stundenplan ab 1.2..pdf
[2013.01.29 20:58:09 | 000,001,061 | ---- | M] () -- C:\Users\Greech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.01.29 15:01:31 | 000,177,152 | ---- | M] () -- C:\Users\Greech\Desktop\Acrostichon Marlene.pps
[2013.01.10 17:50:45 | 000,311,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2013.02.02 18:27:05 | 000,000,000 | ---- | C] () -- C:\Users\Greech\defogger_reenable
[2013.02.02 18:22:43 | 000,050,477 | ---- | C] () -- C:\Users\Greech\Desktop\Defogger.exe
[2013.02.01 22:40:30 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.01 16:21:28 | 000,874,750 | ---- | C] () -- C:\Users\Greech\Desktop\stundenplan ab 1.2..pdf
[2013.01.29 15:01:30 | 000,177,152 | ---- | C] () -- C:\Users\Greech\Desktop\Acrostichon Marlene.pps
[2012.11.05 21:23:58 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012.09.08 11:16:14 | 000,005,220 | ---- | C] () -- C:\Users\Greech\.recently-used.xbel
[2012.03.09 14:30:53 | 000,103,784 | ---- | C] () -- C:\Users\Greech\GoToAssistDownloadHelper.exe
[2012.02.27 19:29:18 | 000,007,597 | ---- | C] () -- C:\Users\Greech\AppData\Local\Resmon.ResmonCfg
[2011.12.06 14:46:28 | 000,019,401 | ---- | C] () -- C:\Users\Greech\AppData\Roaming\UserTile.png
[2011.11.17 11:29:25 | 000,000,424 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010.03.23 20:50:18 | 000,005,632 | ---- | C] () -- C:\Users\Greech\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.22 18:24:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2010.06.04 10:47:25 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\Ashampoo
[2012.08.27 16:18:42 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\Canon
[2012.08.16 19:50:25 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\Cornelsen
[2013.02.02 14:19:13 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\Dropbox
[2011.11.06 17:07:54 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\DVDVideoSoft
[2011.04.05 18:30:14 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.10.03 15:35:21 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\Electronic Arts
[2012.04.16 15:02:29 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\elsterformular
[2010.04.03 21:31:05 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\Facebook
[2012.03.11 19:27:39 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\FileZilla
[2012.08.27 16:22:22 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\Foto Raabe
[2012.09.08 11:16:00 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\gtk-2.0
[2012.11.12 18:32:45 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\JAM Software
[2011.12.01 18:36:56 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\Nik Software
[2011.05.08 08:47:36 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\Nokia
[2010.09.23 19:28:41 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\Orbit
[2010.12.14 21:49:24 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\PC Suite
[2011.05.24 21:04:13 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\PCDr
[2010.09.23 19:24:04 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\ProgSense
[2012.06.23 10:44:35 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\QuickScan
[2010.03.31 15:14:32 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\ScanSoft
[2012.11.12 14:53:41 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\SumatraPDF
[2010.09.27 16:44:34 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\TomTom
[2011.04.09 12:52:28 | 000,000,000 | ---D | M] -- C:\Users\Greech\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:CB0AACC9
< End of report > Code:
OTL Extras logfile created on: 02.02.2013 18:29:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Greech\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 58,04% Memory free
7,73 Gb Paging File | 5,84 Gb Available in Paging File | 75,64% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,59 Gb Total Space | 10,46 Gb Free Space | 17,85% Space Free | Partition Type: NTFS
Drive D: | 397,30 Gb Total Space | 188,60 Gb Free Space | 47,47% Space Free | Partition Type: NTFS
Computer Name: xxx | User Name: Greech | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00703657-9656-4A0C-9946-0426F78F7CD1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{04D5C056-3336-4960-BDBB-3FCABF7BDD77}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{066F11DB-11F5-4ECA-B759-3771ED4CFBD6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{072AAA89-7175-4F78-8329-30F62E45B146}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{0BA82F76-DB0C-45E4-BEFA-A4476F1819A1}" = rport=138 | protocol=17 | dir=out | app=system |
"{13529782-675A-454B-BBF6-4DDA8F496516}" = lport=2869 | protocol=6 | dir=in | app=system |
"{152374DB-93A2-4CF0-9F3F-4E7628A7E3AB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{2FEA82A6-F1C2-4DE2-AD3B-F779A9288F9C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{31A61EB6-1610-49D1-A761-8A2A8557B487}" = rport=139 | protocol=6 | dir=out | app=system |
"{346C9D83-9CBD-4E2F-AF0E-7A6B03159A75}" = lport=445 | protocol=6 | dir=in | app=system |
"{36A990E5-4A6D-4700-A60F-2F25854D862D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3ADD83FB-9F3C-49A4-A0E2-47DE25127C2B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3DA27313-098B-4612-A192-EB93E61E1F39}" = lport=2869 | protocol=6 | dir=in | app=system |
"{460B1212-6E89-4FB0-9A9F-99236610ED65}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{56618DC8-68EC-4D7E-A126-BA89DB7CDCBB}" = lport=138 | protocol=17 | dir=in | app=system |
"{59C77607-ECBE-47D8-836D-C527F6E50462}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{609D79E4-75DC-48B6-9F9C-5E51DD7D0961}" = lport=8725 | protocol=6 | dir=in | name=i-clickr.exe operation port (8725) |
"{7597170F-F5CE-4104-BD74-94123001BB12}" = lport=137 | protocol=17 | dir=in | app=system |
"{7C9FE164-5F5A-43FE-97DA-D3F3812E9615}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{85DE3B36-8132-439A-9F38-55CC43372970}" = lport=1725 | protocol=6 | dir=in | name=i-clickr.exe operation port (1725) |
"{8D061C28-731C-4006-933A-A85E7CB9255B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{A0C7E9D0-FBDA-4945-8E8A-4E1705177799}" = rport=445 | protocol=6 | dir=out | app=system |
"{AEC2DF1A-3C45-48ED-9B2C-754AA2BFDCBC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C0DE70A5-9ECF-48D2-9EBC-1F4B1B8300C7}" = lport=1725 | protocol=6 | dir=in | name=i-clickr.exe operation port (1725) |
"{CA785FED-A2E0-4103-AA36-2877719D487A}" = lport=8725 | protocol=6 | dir=in | name=i-clickr.exe operation port (8725) |
"{CCE94701-8644-496C-BAAC-6C236648D31C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E1E36F72-1071-4281-AFB4-437DDEFE2E2A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E2CA39A8-3985-43F7-A7DD-A851903D24A4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EDC642CB-104A-4AEC-BFF2-801D1D9C1C54}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F272D7AB-AE18-4AB0-A5B2-ABCFE9E8844F}" = lport=139 | protocol=6 | dir=in | app=system |
"{F86B7B37-2DAF-4C07-8830-45A77DBBFE66}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D6E3C3-678F-431C-8D3C-11C00B071FE8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0BDB7B22-0BA6-4F11-A912-63CA8AF41DB2}" = protocol=17 | dir=in | app=c:\program files (x86)\senstic\i-clickr\i-clickr.exe |
"{0DFE766B-BE16-418F-959A-9F39E010D74B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{15FEFD9D-9BEC-4728-9A6F-77B7B52BAE50}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{199C47D7-6060-4494-A7A9-1B95851409B5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{19E98602-278D-4EF2-9D7D-F58F81D6C4FF}" = protocol=6 | dir=in | app=c:\program files (x86)\senstic\i-clickr\i-clickr.exe |
"{1CE724C4-992B-41A3-AD76-49D3219D91C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{26F612D0-1C7C-4A1A-9396-F55EFCA3AD70}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{2E505147-517C-4399-A379-ECD5170D018B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{375EF9C4-88EA-4907-82E9-6CAA9840BDEE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3AB5CF51-A999-40F7-A22A-9B8ED550E961}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3CD63017-87D0-4297-9BD4-9F51304140E6}" = protocol=6 | dir=in | app=c:\program files (x86)\senstic\i-clickr\i-clickr.exe |
"{3CEF2AF7-C0EB-4167-875C-BDB6033C1CD1}" = protocol=6 | dir=out | app=system |
"{44312916-61CD-4C28-BF19-0A1D4F8DAEB0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4A79433D-40B0-4187-8956-A19FDDBD1840}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{516EAE26-BDC3-42F3-9DBF-3C1A675F23CD}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{5534BD74-CF3A-4402-B842-ADEDAF80BAFE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{57F50E60-7BA6-42A9-895A-D704C57DCA4C}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{5EECA276-B6CC-41C1-B4E9-406F6247285A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6983055B-AA53-47FD-A9FC-2A140417407E}" = protocol=6 | dir=in | app=c:\users\greech\appdata\roaming\dropbox\bin\dropbox.exe |
"{836CC62B-4B5F-463B-9A59-676D1A5513A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8C6ABD7F-E206-464F-8E56-F421AD9C1E01}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{925FE6C3-8FF6-4BCD-9879-0ED930EC0266}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{92C01735-55A3-4621-A82E-261CFB20FDDD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{971B8F57-9E5E-434A-B5DF-76AD18AA3350}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A956E062-7C6C-4FAA-820C-45B5523D638D}" = protocol=17 | dir=in | app=c:\program files (x86)\senstic\i-clickr\i-clickr.exe |
"{B2196A2F-1166-4973-88E9-E9111D135016}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{BA0EC2B6-8F82-4562-99F4-578D8DB934B5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BB0BA1CE-3D8B-4C6A-B46F-823E12328234}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C2B7E608-2A18-4A62-A511-97145C5BEBBF}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C4DD31AB-CF8B-42BF-96CD-11F92982C54D}" = protocol=17 | dir=in | app=c:\users\greech\appdata\roaming\dropbox\bin\dropbox.exe |
"{C74A8E82-9A48-4FA5-9428-B36FBEA301F5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD0B885F-8770-44DF-8CFF-C155717FB754}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{DBE9BFD1-41FD-443A-A7C2-D1B291682BAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E561B6F6-FA09-4387-9201-97897D7CC5A0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E8DEFFC5-FF89-44A7-9451-3111B6E8CE60}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ED795D00-32EF-4D88-903A-E108224C7128}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F04CA3A3-E6DE-45B6-9C89-9FAD7E735F63}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F0571775-2152-4D9F-995B-8A173A1BBE04}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F11D6639-1905-4D62-9129-9AF765250960}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F42CBE10-3362-488D-8C2E-231ED5C01407}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"TCP Query User{504C1F1F-AFEA-4FD3-AFE0-EEF3F6D62CAD}C:\users\greech\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\greech\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{28860C46-5674-45D2-8F03-A63484926977}C:\users\greech\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\greech\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series" = Canon MX880 series MP Drivers
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82D5414E-1890-9EB6-4D70-71D99F2303BA}" = ccc-utility64
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B9E62002-BD74-30EC-9049-93E0E003C736}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0740E89E-9162-4BE2-9C4E-D9CFE33CB67A}" = i-Clickr
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E180A03-2496-E90A-23A6-351B6301E912}" = CCC Help German
"{1BCB3F87-B53D-9DFD-199E-004EDBFEE40B}" = Catalyst Control Center Graphics Previews Vista
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E9A0A9C-DC61-A431-5E84-F63E16963D1D}" = CCC Help Dutch
"{1F52BCA8-7C47-7895-035D-8E1951F94CE5}" = CCC Help English
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 37
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2BC1E54D-4FA8-B37B-1FB1-38D8F3B32A66}" = CCC Help Korean
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3BB88993-8444-18CE-679A-5D2108EAECFA}" = CCC Help Swedish
"{40E4CF35-FF4C-4876-F16B-9E4773003D84}" = CCC Help Italian
"{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}" = Microsoft Research AutoCollage 2008 version 1.1
"{42FC4996-043A-4C20-9864-C74E0BF1C6E8}_is1" = GS-ZEUGNIS Version 9.6
"{47397909-5132-A6F0-D580-6A6F4D213D60}" = CCC Help French
"{48B0F38D-1913-44F3-99AA-D4C55A2B038E}" = Drive Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52DBCA-CDFE-4265-B0AF-7E243C2DA997}" = Catalyst Control Center InstallProxy
"{4FAAF7D0-CB15-292D-886B-96FE2A069A7E}" = Catalyst Control Center Graphics Previews Common
"{5067214A-A9D2-8925-9270-BF149913DB99}" = CCC Help Japanese
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56E09BFC-D4A4-7FE4-02A9-A919D02B488D}" = Skins
"{5D9A0559-63B8-33AA-ADAC-30E0D45F738E}" = Catalyst Control Center Graphics Light
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6EC756AA-7AEB-7CCB-7129-CCD7E54E8D0F}" = ccc-core-static
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77CF7645-BFAD-4431-A59E-FBF273AE8B7C}" = Catalyst Control Center Core Implementation
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{97154923-423C-C470-6E18-ABED08732DFD}" = CCC Help Russian
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDEEA5A-1B5E-A242-24FF-DC594DC3733D}" = CCC Help Chinese Traditional
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9352913-9B23-D26A-3D98-9181239731C7}" = CCC Help Norwegian
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B5EDDAAD-6F46-A2F8-2B51-860F0D8D609E}" = CCC Help Portuguese
"{BFF24FDB-41F2-8123-0F52-DE29F34F46FA}" = CCC Help Finnish
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack
"{CA4F7074-8A0D-6D4F-D5C1-90A1B57F8CEC}" = Catalyst Control Center Graphics Full Existing
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CED8F7BC-8477-2948-F52A-08C5F75FBA9A}" = Catalyst Control Center Graphics Full New
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D15ED9D4-341E-3A0C-98AB-A695015B5648}" = Catalyst Control Center Localization All
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D570918C-A2FB-4C61-34F9-74BA6A472263}" = CCC Help Spanish
"{D637ED44-FE11-9C9C-815D-11ADE2D7E8A0}" = CCC Help Danish
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F67D89A1-3081-9DBB-D1EB-758A06F79539}" = CCC Help Chinese Standard
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Audacity_is1" = Audacity 1.2.6
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Dell Webcam Central" = Dell Webcam Central
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{48B0F38D-1913-44F3-99AA-D4C55A2B038E}" = Drive Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1
"MSC" = McAfee SecurityCenter
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Picasa 3" = Picasa 3
"Speed Dial Utility" = Canon Kurzwahlprogramm
"ST4UNST #1" = ERSTINSTALL
"ST4UNST #3" = GSZEUG_942
"ST4UNST #4" = GSZEUG_942 (C:\Program Files (x86)\GSZEUG_942\)
"TreeSize Free_is1" = TreeSize Free V2.7
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"33030675DC63B8C8D12A223C2017505053D50B01" = Doodle Outlook Connector
"Dropbox" = Dropbox
"f031ef6ac137efc5" = Dell Driver Download Manager
"Facebook Plug-In" = Facebook Plug-In
"FileZilla Client" = FileZilla Client 3.5.1
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 04.09.2011 05:28:38 | Computer Name = xxx | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wlmail.exe, Version: 15.4.3538.513,
Zeitstempel: 0x4dcdb9d1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0c4ab5ed ID des fehlerhaften
Prozesses: 0xdcc Startzeit der fehlerhaften Anwendung: 0x01cc6ae0f555e2ad Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Windows Live\Mail\wlmail.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 44a07c2b-d6d8-11e0-ba08-0026b9215a2b
Error - 04.09.2011 06:00:50 | Computer Name = xxx | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wlmail.exe, Version: 15.4.3538.513,
Zeitstempel: 0x4dcdb9d1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0e70b5ed ID des fehlerhaften
Prozesses: 0xf60 Startzeit der fehlerhaften Anwendung: 0x01cc6ae97fe43b82 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Windows Live\Mail\wlmail.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: c3f8da7f-d6dc-11e0-ba08-0026b9215a2b
Error - 06.09.2011 08:10:10 | Computer Name = xxx | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wlmail.exe, Version: 15.4.3538.513,
Zeitstempel: 0x4dcdb9d1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0ffcb5ed ID des fehlerhaften
Prozesses: 0x3fc Startzeit der fehlerhaften Anwendung: 0x01cc6c8b2b8f9000 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Windows Live\Mail\wlmail.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 2a556d4a-d881-11e0-a39c-0026b9215a2b
Error - 11.09.2011 13:35:32 | Computer Name = xxx | Source = Application Hang | ID = 1002
Description = Programm mcagent.exe, Version 11.0.575.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 448 Startzeit:
01cc6ee6ced7c961 Endzeit: 624 Anwendungspfad: C:\Program Files\McAfee.com\Agent\mcagent.exe
Berichts-ID:
52f2b077-dc9c-11e0-a312-0026b9215a2b
Error - 12.09.2011 09:38:30 | Computer Name = xxx| Source = TomTomHOMEService | ID = 10000
Description =
Error - 12.09.2011 09:43:31 | Computer Name = xxx | Source = TomTomHOMEService | ID = 10000
Description =
Error - 18.09.2011 03:51:28 | Computer Name = xxx | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 6.0.2.4262 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 24e8 Startzeit:
01cc75d63d405e51 Endzeit: 26 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
f0bfac89-e1ca-11e0-a3b7-0026b9215a2b
Error - 18.09.2011 04:55:24 | Computer Name = xxx | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mcods.exe, Version: 15.0.262.0, Zeitstempel:
0x4d2e40b3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514, Zeitstempel:
0x4ce7c8f9 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c40f2 ID des fehlerhaften
Prozesses: 0x1cfc Startzeit der fehlerhaften Anwendung: 0x01cc755307c698c0 Pfad der
fehlerhaften Anwendung: C:\Program Files\McAfee\VirusScan\mcods.exe Pfad des fehlerhaften
Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: f1fe3733-e1d3-11e0-a3b7-0026b9215a2b
Error - 18.09.2011 04:55:52 | Computer Name = xxx | Source = McLogEvent | ID = 5019
Description = Exception in McShield.Exe! Exception details follow : VSCORE.14.4.0.333
Exception
Code : 0X00000000C0000005 Exception Address : 0X000000004900000D Exception
Parameters : 2 Param 1 = 0X0000000000000008 Param 2 = 0X000000004900000D More information
:
Error - 18.09.2011 04:55:54 | Computer Name = xxx | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mcshield.exe, Version: 14.4.0.333,
Zeitstempel: 0x4d7c7690 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000004900000d
ID
des fehlerhaften Prozesses: 0x13b0 Startzeit der fehlerhaften Anwendung: 0x01cc75372cc32b0e
Pfad
der fehlerhaften Anwendung: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 038ebe99-e1d4-11e0-a3b7-0026b9215a2b
[ Media Center Events ]
Error - 15.09.2012 03:51:08 | Computer Name = xxx | Source = MCUpdate | ID = 0
Description = 09:51:08 - Fehler beim Herstellen der Internetverbindung. 09:51:08
- Serververbindung konnte nicht hergestellt werden..
Error - 15.09.2012 03:51:18 | Computer Name = xxx | Source = MCUpdate | ID = 0
Description = 09:51:13 - Fehler beim Herstellen der Internetverbindung. 09:51:13
- Serververbindung konnte nicht hergestellt werden..
Error - 09.10.2012 12:51:23 | Computer Name = xxx | Source = MCUpdate | ID = 0
Description = 18:51:23 - Fehler beim Herstellen der Internetverbindung. 18:51:23
- Serververbindung konnte nicht hergestellt werden..
Error - 09.10.2012 12:51:33 | Computer Name = xxx | Source = MCUpdate | ID = 0
Description = 18:51:28 - Fehler beim Herstellen der Internetverbindung. 18:51:28
- Serververbindung konnte nicht hergestellt werden..
Error - 09.10.2012 13:52:36 | Computer Name = xxx | Source = MCUpdate | ID = 0
Description = 19:52:36 - Fehler beim Herstellen der Internetverbindung. 19:52:36
- Serververbindung konnte nicht hergestellt werden..
Error - 09.10.2012 13:52:42 | Computer Name = xxx | Source = MCUpdate | ID = 0
Description = 19:52:41 - Fehler beim Herstellen der Internetverbindung. 19:52:41
- Serververbindung konnte nicht hergestellt werden..
Error - 10.10.2012 03:06:30 | Computer Name = xxx | Source = MCUpdate | ID = 0
Description = 09:06:30 - Fehler beim Herstellen der Internetverbindung. 09:06:30
- Serververbindung konnte nicht hergestellt werden..
Error - 10.10.2012 03:06:42 | Computer Name = xxx | Source = MCUpdate | ID = 0
Description = 09:06:35 - Fehler beim Herstellen der Internetverbindung. 09:06:35
- Serververbindung konnte nicht hergestellt werden..
Error - 10.10.2012 04:06:49 | Computer Name = xxx | Source = MCUpdate | ID = 0
Description = 10:06:49 - Fehler beim Herstellen der Internetverbindung. 10:06:49
- Serververbindung konnte nicht hergestellt werden..
Error - 10.10.2012 04:06:56 | Computer Name = xxx | Source = MCUpdate | ID = 0
Description = 10:06:54 - Fehler beim Herstellen der Internetverbindung. 10:06:54
- Serververbindung konnte nicht hergestellt werden..
[ OSession Events ]
Error - 12.08.2012 10:46:24 | Computer Name = xxx | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 82
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 01.02.2013 16:01:08 | Computer Name = xxx | Source = bowser | ID = 8003
Description =
Error - 01.02.2013 16:13:08 | Computer Name = xxx | Source = bowser | ID = 8003
Description =
Error - 01.02.2013 16:49:08 | Computer Name = xxx | Source = bowser | ID = 8003
Description =
Error - 01.02.2013 17:25:09 | Computer Name = xxx | Source = bowser | ID = 8003
Description =
Error - 01.02.2013 17:49:13 | Computer Name = xxx | Source = bowser | ID = 8003
Description =
Error - 01.02.2013 18:01:13 | Computer Name = xxx | Source = bowser | ID = 8003
Description =
Error - 01.02.2013 18:13:14 | Computer Name = xxx | Source = bowser | ID = 8003
Description =
Error - 01.02.2013 18:25:11 | Computer Name = xxx | Source = bowser | ID = 8003
Description =
Error - 02.02.2013 12:10:55 | Computer Name = xxx | Source = bowser | ID = 8003
Description =
Error - 02.02.2013 12:46:58 | Computer Name = xxx | Source = bowser | ID = 8003
Description =
< End of report > Code:
GMER 2.0.18454 - hxxp://www.gmer.net
Rootkit scan 2013-02-02 19:27:15
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HM500JI rev.2AC101C4 465,76GB
Running: gmer_2.0.18454.exe; Driver: C:\Users\Greech\AppData\Local\Temp\fwlyqpob.sys
---- Kernel code sections - GMER 2.0 ----
.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff960000f3c00 7 bytes [C0, A0, F3, FF, 01, AC, F0]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 9 fffff960000f3c09 2 bytes [06, 02]
---- Registry - GMER 2.0 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\904ce5cdc62c
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\904ce5cdc62c (not active ControlSet)
---- EOF - GMER 2.0 ---- Was ist zu tun?
Vielen Dank. |