Danke.
Übrigens braucht mein Rechner nicht nur gute fünf Minuten zum Hochfahren; ich kann ihn auch nicht mehr in den Ruhezustand schicken. Denn wenn ich es tue, fährt er sofort wieder hoch...
Hier die Logs:
AdwCleaner[S1].txt Code:
# AdwCleaner v2.300 - Datei am 09/05/2013 um 17:36:46 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Leon - DELL-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Leon\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Users\Leon\AppData\Local\Temp\Smartbar
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\Software\Conduit
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Chromium vnstall: 16724
Datei : C:\Users\Leon\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1116 octets] - [09/05/2013 17:36:46]
########## EOF - C:\AdwCleaner[S1].txt - [1176 octets] ##########
OTL.Txt Code:
OTL logfile created on: 09.05.2013 19:17:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Leon\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 44,52% Memory free
4,24 Gb Paging File | 3,07 Gb Available in Paging File | 72,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 203,24 Gb Total Space | 134,90 Gb Free Space | 66,37% Space Free | Partition Type: NTFS
Drive E: | 10,00 Gb Total Space | 5,72 Gb Free Space | 57,20% Space Free | Partition Type: NTFS
Drive L: | 19,53 Gb Total Space | 19,43 Gb Free Space | 99,50% Space Free | Partition Type: NTFS
Drive X: | 232,83 Gb Total Space | 224,81 Gb Free Space | 96,56% Space Free | Partition Type: NTFS
Computer Name: DELL-PC | User Name: Leon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Leon\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\BrmfRsmg.exe (Brother Industries, Ltd.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files\DivX\DivX Plus Web Player\libxml2.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
========== Services (SafeList) ==========
SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BrYNSvc) -- C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (brmfrsmg) -- C:\Windows\System32\BrmfRsmg.exe (Brother Industries, Ltd.)
========== Driver Services (SafeList) ==========
DRV - (NTGUARD) -- C:\Program Files\A1 Internetschutz\bin\NTGUARD.SYS File not found
DRV - (MpKslefcb334f) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8D39BCF1-F8B8-43C9-8707-7D3F336DCC4B}\MpKslefcb334f.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (taphss6) -- C:\Windows\System32\drivers\taphss6.sys (Anchorfree Inc.)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.sys (Samsung Electronics)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (mf) -- C:\Windows\System32\drivers\mf.sys (Microsoft Corporation)
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (BDA_Capture_225) -- C:\Windows\System32\drivers\BDA_Capture_225.sys (WideViewer Electronics CO., LTD)
DRV - (BrUsbScn) -- C:\Windows\System32\drivers\BrUsbScn.sys (Brother Industries Ltd.)
DRV - (brfilt) -- C:\Windows\System32\drivers\BrFilt.sys (Brother Industries Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 45 87 9A 81 EE 4B CE 01 [binary data]
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files\Common Files\doubleTwist\NPPodcast.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.04.01 01:04:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.04.01 01:04:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.04.13 01:01:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.05.08 02:12:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files\Mein Gutscheincode Finder\Firefox
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Users\Leon\Desktop\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Users\Leon\Desktop\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.04.13 01:01:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.05.08 02:12:18 | 000,000,000 | ---D | M]
[2012.01.24 05:03:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leon\AppData\Roaming\mozilla\Extensions
[2011.03.23 14:35:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leon\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009.06.04 14:29:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leon\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
O1 HOSTS File: ([2011.12.18 02:52:29 | 000,001,766 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.derstandard.at
O1 - Hosts: 127.0.0.1 derstandard.at
O1 - Hosts: 127.0.0.1 www.diepresse.com
O1 - Hosts: 127.0.0.1 diepresse.com
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3 - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\..\Toolbar\WebBrowser: (no name) - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - No CLSID value found.
O3 - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\..\Toolbar\WebBrowser: (no name) - {968631B6-4729-440D-9BF4-251F5593EC9A} - No CLSID value found.
O3 - HKU\S-1-5-21-854732791-1063999141-2137841064-1002\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-854732791-1063999141-2137841064-1002..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013.05.09 16:30:43 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Leon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C4051C7-D34A-4085-905F-947728AF463F}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D410E442-F380-4A2F-B7D9-77889AE698C3}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\COMMON~1\JAKSTA~1\AUDIOC~1\jaudcap.dll) - C:\Program Files\Common Files\Jaksta Technologies\Audio Capture\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-854732791-1063999141-2137841064-1002 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{01d1aa9b-af13-11dd-b701-001aa09eca84}\Shell\AutoRun\command - "" = K:\
O33 - MountPoints2\{01d1aa9b-af13-11dd-b701-001aa09eca84}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.09 19:15:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Leon\Desktop\OTL.exe
[2013.05.09 17:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013.05.09 16:30:43 | 000,000,000 | -H-D | C] -- C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
[2013.05.09 15:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.05.09 15:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.05.09 01:07:49 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Roaming\Freecorder 8 Video
[2013.05.08 15:10:06 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.08 14:55:26 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Roaming\OpenOffice.org
[2013.05.08 14:54:22 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.05.08 14:50:31 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2013.05.08 14:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.05.08 13:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.05.08 13:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.05.08 03:05:51 | 000,000,000 | ---D | C] -- C:\Users\Leon\Documents\OneNote-Notizbücher
[2013.05.08 01:06:10 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.05.08 00:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\hsswpr_lock
[2013.05.08 00:27:57 | 000,000,000 | ---D | C] -- C:\Windows\de
[2013.05.08 00:25:17 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2013.05.08 00:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013.05.08 00:14:02 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2013.05.08 00:14:02 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2013.05.08 00:14:01 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2013.05.08 00:13:29 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Local\Windows Live
[2013.05.08 00:13:05 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2013.05.08 00:12:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013.05.07 22:38:26 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2013.05.07 22:38:11 | 000,000,000 | ---D | C] -- C:\Program Files\SamsungPrinterLiveUpdateInstaller
[2013.05.07 22:38:10 | 000,000,000 | ---D | C] -- C:\Program Files\SamsungPrinterLiveUpdate
[2013.05.07 22:21:22 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.05.07 22:21:22 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.05.07 22:21:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.07 22:21:21 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.05.07 22:21:21 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.05.07 22:21:21 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.05.07 22:21:21 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.05.07 22:21:21 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.05.07 22:21:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.07 22:21:21 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.05.07 22:21:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.07 22:21:21 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.05.07 22:21:21 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.05.07 22:21:21 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.05.07 22:21:21 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.05.07 22:21:21 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.05.07 22:21:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.05.07 22:21:21 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.05.07 22:21:20 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.07 22:21:20 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.07 22:21:20 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.05.07 22:21:20 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.07 22:21:20 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013.05.07 22:21:20 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013.05.07 22:21:20 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.05.07 22:21:20 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.05.07 22:21:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.05.07 22:21:20 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013.05.07 22:21:20 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.05.07 22:21:20 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.05.07 22:21:20 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.05.07 22:21:19 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013.05.07 22:21:19 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.05.07 22:21:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.05.07 22:21:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.05.07 22:21:19 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.05.07 22:21:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.05.07 13:22:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.05.07 13:21:53 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.05.07 13:21:53 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.05.07 13:21:53 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.05.05 21:57:11 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Roaming\Malwarebytes
[2013.05.05 21:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.05.05 21:55:13 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.05.05 21:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.05.05 21:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.03 23:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Jaksta Technologies
[2013.05.03 23:11:13 | 000,000,000 | ---D | C] -- C:\Program Files\Freecorder extension
[2013.04.13 01:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013.04.10 15:47:38 | 003,603,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.04.10 15:47:37 | 003,551,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.04.10 15:47:37 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.04.10 15:45:52 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.04.10 15:45:39 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[4 C:\Users\Leon\Desktop\*.tmp files -> C:\Users\Leon\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.05.09 19:15:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Leon\Desktop\OTL.exe
[2013.05.09 19:05:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.09 18:53:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.09 18:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.09 17:55:08 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.09 17:52:15 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.09 17:52:14 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.09 17:51:56 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.09 17:50:59 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.05.09 17:34:33 | 000,628,743 | ---- | M] () -- C:\Users\Leon\Desktop\adwcleaner.exe
[2013.05.09 01:13:01 | 000,210,944 | ---- | M] () -- C:\Users\Leon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.09 00:22:40 | 000,022,468 | ---- | M] () -- C:\Users\Leon\Desktop\Notizen.odt
[2013.05.08 23:33:44 | 000,366,952 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.08 17:49:13 | 000,181,182 | ---- | M] () -- C:\Users\Leon\Desktop\Meine unerträglich schmerzhafte Kindheit.odt
[2013.05.08 16:26:56 | 000,026,121 | ---- | M] () -- C:\Users\Leon\Desktop\Meine Schulzeit im Landstraßer Gymnasium.odt
[2013.05.08 16:21:36 | 000,021,590 | ---- | M] () -- C:\Users\Leon\Desktop\Das musst du unbedingt schreiben.odt
[2013.05.08 14:56:00 | 000,000,990 | ---- | M] () -- C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013.05.08 14:54:24 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.05.08 00:43:39 | 000,654,256 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.08 00:43:39 | 000,618,372 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.08 00:43:39 | 000,129,026 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.08 00:43:39 | 000,106,372 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.08 00:13:03 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.05.07 22:21:30 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2013.05.07 22:21:30 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2013.05.07 22:21:22 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.05.07 22:21:22 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.05.07 22:21:22 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.07 22:21:21 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.05.07 22:21:21 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.05.07 22:21:21 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.05.07 22:21:21 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.05.07 22:21:21 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.05.07 22:21:21 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.07 22:21:21 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.05.07 22:21:21 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.07 22:21:21 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.05.07 22:21:21 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.05.07 22:21:21 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.05.07 22:21:21 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.05.07 22:21:21 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.05.07 22:21:21 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013.05.07 22:21:21 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.05.07 22:21:21 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.05.07 22:21:20 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.07 22:21:20 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.07 22:21:20 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.05.07 22:21:20 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.07 22:21:20 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013.05.07 22:21:20 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013.05.07 22:21:20 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.05.07 22:21:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.05.07 22:21:20 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.05.07 22:21:20 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013.05.07 22:21:20 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.05.07 22:21:20 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.05.07 22:21:20 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.05.07 22:21:19 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013.05.07 22:21:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.05.07 22:21:19 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.05.07 22:21:19 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.05.07 22:21:19 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.05.07 22:21:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.05.05 21:55:14 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.05.02 17:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.05.02 14:21:30 | 005,113,454 | ---- | M] () -- C:\Users\Leon\Desktop\James Arthur - Impossible - Official Single.mp3
[2013.04.24 19:51:36 | 005,420,880 | ---- | M] () -- C:\Users\Leon\Desktop\Simple Plan- Summer Paradise ft. K'naan (Lyrics).mp3
[2013.04.22 01:11:59 | 000,004,673 | -HS- | M] () -- C:\Users\Leon\Desktop\Folder.jpg
[2013.04.22 01:11:59 | 000,001,526 | -HS- | M] () -- C:\Users\Leon\Desktop\AlbumArtSmall.jpg
[4 C:\Users\Leon\Desktop\*.tmp files -> C:\Users\Leon\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.09 17:34:30 | 000,628,743 | ---- | C] () -- C:\Users\Leon\Desktop\adwcleaner.exe
[2013.05.08 17:49:11 | 000,181,182 | ---- | C] () -- C:\Users\Leon\Desktop\Meine unerträglich schmerzhafte Kindheit.odt
[2013.05.08 16:26:54 | 000,026,121 | ---- | C] () -- C:\Users\Leon\Desktop\Meine Schulzeit im Landstraßer Gymnasium.odt
[2013.05.08 16:26:20 | 000,022,468 | ---- | C] () -- C:\Users\Leon\Desktop\Notizen.odt
[2013.05.08 16:21:23 | 000,021,590 | ---- | C] () -- C:\Users\Leon\Desktop\Das musst du unbedingt schreiben.odt
[2013.05.08 14:56:00 | 000,000,990 | ---- | C] () -- C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013.05.08 14:54:24 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.05.08 01:06:55 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013.05.08 00:25:01 | 000,001,120 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2013.05.08 00:24:28 | 000,001,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2013.05.08 00:23:08 | 000,000,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2013.05.08 00:21:29 | 000,001,987 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2013.05.08 00:13:03 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013.05.08 00:12:32 | 000,001,788 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013.05.07 22:27:42 | 000,000,911 | ---- | C] () -- C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.05.07 22:21:21 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013.05.05 21:55:14 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.05.05 15:53:25 | 2145,570,816 | -HS- | C] () -- C:\hiberfil.sys
[2013.05.03 23:10:24 | 000,002,097 | ---- | C] () -- C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2013.05.03 22:59:23 | 005,113,454 | ---- | C] () -- C:\Users\Leon\Desktop\James Arthur - Impossible - Official Single.mp3
[2013.05.03 22:59:20 | 005,420,880 | ---- | C] () -- C:\Users\Leon\Desktop\Simple Plan- Summer Paradise ft. K'naan (Lyrics).mp3
[2012.12.07 10:48:58 | 000,212,600 | ---- | C] () -- C:\Windows\System32\SBuySupplies.exe
[2012.08.05 16:29:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat
[2012.06.12 14:52:56 | 000,024,064 | ---- | C] () -- C:\Windows\System32\ssi1mlm.dll
[2012.05.23 16:57:57 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.05.23 16:56:05 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT
[2011.12.24 03:45:22 | 000,001,386 | -HS- | C] () -- C:\Users\Leon\AppData\Roaming\systemFP.$dk
[2010.12.16 02:34:34 | 000,010,109 | ---- | C] () -- C:\Users\Leon\AppData\Roaming\UserTile.png
[2010.05.18 16:17:16 | 000,004,832 | -H-- | C] () -- C:\Users\Leon\mxfilerelatedcache.mxc2
[2009.04.18 14:40:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.03.26 22:06:59 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.08.30 15:20:39 | 000,000,680 | ---- | C] () -- C:\Users\Leon\AppData\Local\d3d9caps.dat
[2008.04.14 20:39:23 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2007.11.30 17:22:38 | 000,210,944 | ---- | C] () -- C:\Users\Leon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Documents\Verlauf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Documents\OneNote-Notizbücher:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Documents\Meine empfangenen Dateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Documents\MAGIX_MusicMakerHipHopEdition2:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Documents\MAGIX Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Documents\Graboid:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Documents\Freecorder:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Documents\FFOutput:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Documents\DVDVideoSoft:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Documents\Ableton:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Desktop\Sonstiges:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Desktop\Simple Plan- Summer Paradise ft. K'naan (Lyrics).mp3:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Leon\Desktop\James Arthur - Impossible - Official Single.mp3:Roxio EMC Stream
@Alternate Data Stream - 16 bytes -> C:\Users\Leon\Downloads:Shareaza.GUID
< End of report >
Extras.Txt Code:
OTL Extras logfile created on: 09.05.2013 19:17:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Leon\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 44,52% Memory free
4,24 Gb Paging File | 3,07 Gb Available in Paging File | 72,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 203,24 Gb Total Space | 134,90 Gb Free Space | 66,37% Space Free | Partition Type: NTFS
Drive E: | 10,00 Gb Total Space | 5,72 Gb Free Space | 57,20% Space Free | Partition Type: NTFS
Drive L: | 19,53 Gb Total Space | 19,43 Gb Free Space | 99,50% Space Free | Partition Type: NTFS
Drive X: | 232,83 Gb Total Space | 224,81 Gb Free Space | 96,56% Space Free | Partition Type: NTFS
Computer Name: DELL-PC | User Name: Leon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" =
"AntiVirusOverride" =
"FirewallDisableNotify" =
"FirewallOverride" =
"FirstRunDisabled" =
"UpdatesDisableNotify" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07A1D2E3-0159-4CA5-8F01-633E85258024}" = lport=2869 | protocol=6 | dir=in | name=microsoft upnp-port (tcp) |
"{0CCB58F7-8780-4ABC-8CA3-51BC6C9909D7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0E34F2F7-A9D7-4496-B080-243C66B0A34C}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 |
"{1143C70C-32C4-4686-990C-28265803D04D}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{1C77DB37-25DB-4433-A109-60A1FD73E4C7}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 |
"{1DB343EA-DAC9-4573-8465-5B201272F25A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{28CF3485-3472-4F0D-A163-B76830F78CEF}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2C57CB5F-A7C5-4598-8F82-FFD72DF5D6D3}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{32C95C2C-6867-46BA-BE3F-471393668ED8}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{39290B55-2B22-454D-B7AE-B712F10E6752}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4EF8AF75-511A-4C78-8CFA-00CFE405B5C5}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{51E3BED8-1548-46D7-A040-3657C0B67CC3}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{531C4239-7E50-4BC6-9EEB-70172F089236}" = lport=0 | protocol=6 | dir=in | name=magix upnp media server |
"{55517118-9DB8-476D-810C-ABF4AD5103C8}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5CEBC998-F776-48B0-B7D9-617BEB55E1D1}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{6AAF62EC-F018-435F-9CA1-7C1BE7D10F6C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{882F8D9F-0802-4F14-BFF1-F1284D6FA278}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8CA0A776-7FC8-497E-8BA2-BCEA9C5CDC19}" = lport=1900 | protocol=17 | dir=in | name=microsoft upnp-port (udp) |
"{8DCB0F69-5B96-45B7-AEBF-EFF5784427A7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8E465578-0C12-4610-BF95-219683C5FEB0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9774CF22-74EA-44D0-96F1-A6F955A219F8}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{987700EE-5D8B-4ECB-A593-B596959024DB}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9C55020D-2141-4362-B1CD-91623BE7AB5F}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9D923621-986D-41FB-BA88-A20FC98DE40A}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A99D296B-BCE1-4650-ADE7-11F2DBC07F41}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A9B3E516-811F-47EE-B1E7-0D9D2C23709B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BE193786-6FA4-4EFB-ACB0-FAFDCA0F842E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BE27BFA6-6CBF-4BF7-B414-CB85BB5C6D07}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C0140C34-EC8D-4566-AD6A-491E7711CBA4}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C0C25E83-4DC1-497B-AB14-CBE2FED124F0}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 |
"{CFE3C26C-52EC-44FF-AA18-476CAFFEC25C}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{D6EC9CF8-36CE-4F20-98F4-88065D2589D3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE52FE5D-7637-4936-A409-CBA456F741B1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E69F85B7-22C1-4ACB-B8A7-413273958340}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E8C5584B-6CA7-43B2-AA86-1B1221DAB5BC}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{EE5150DC-C5C6-406E-B99F-7FF07C7EF0AE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0454519F-864A-4390-AF79-6FB5A6ADA143}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0508FBE2-83E5-403A-8D21-C8EF3808EA8A}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{06681DF5-8B77-4160-B459-EE1EB7FCA0C9}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{07BC6564-701B-47F5-8184-DE0D653EB0BA}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{0E4BCCFE-8EFB-4308-8FFB-D5C5A1A0B024}" = protocol=17 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe |
"{124AE3A9-C596-4BED-835A-F6F69CB2478F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1808CB43-D1B8-4684-914A-CB68794AFCAF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2483BF85-D44E-4370-8BDD-4F25EEC9EDFC}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{2B69AD29-035B-405F-A52F-402C7B6A2E2C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{31D6D603-4BF3-4903-91D2-254BAEA5E444}" = protocol=17 | dir=in | app=c:\program files\applian technologies\freecorder 8 applications\torrent\aria2c.exe |
"{38D45935-B903-43A8-A213-F44FBBD10B38}" = protocol=6 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe |
"{3D77BBF7-3DC2-4728-BF5D-F306D784D418}" = protocol=6 | dir=in | app=c:\users\leon\desktop\sonstiges\wlan-assistent_rtm.exe |
"{4D262792-FE96-4CFA-A9C5-96A2DD6D2CFC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4E479BCC-DB2C-45B4-9F52-2EA89EB6DDC8}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{4FD6B4DA-D391-466C-A517-C4B4794D3772}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{54F0BAAF-76F6-4C3E-B5AB-B627C7143825}" = protocol=6 | dir=in | app=c:\program files\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{5C7BE2D4-3EA9-48C0-9EB6-19E67ECB2B16}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5D08F6F8-EC54-4A8B-891E-B43D79F32F37}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{657DEB62-F8E2-4793-9B72-95E48E39532C}" = protocol=6 | dir=in | app=c:\users\leon\desktop\wlan-assistent_rtm.exe |
"{68E92467-51CF-4718-8B13-F45004D4B552}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6CE67265-A60C-4B53-99F1-2F046ED1A03B}" = protocol=6 | dir=out | app=system |
"{75114C5A-67C2-412C-897D-6153BF77C506}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{778CB886-5749-4AF9-8579-DDCD9D9DF3FC}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7E520238-8498-4856-A7F5-32A55DFA12CA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7F01B42C-DE38-4CAA-853A-3C74F19C3982}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{83B12CB6-1EB5-4BC3-BA96-00A8DC0D3742}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{84E27C76-8CF4-4F85-8E03-5421FC375CAA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8BFD8868-13FF-4217-8592-5821B167416E}" = protocol=17 | dir=in | app=c:\users\leon\desktop\sonstiges\wlan-assistent_rtm.exe |
"{8D4DA714-5D07-4ACA-86D5-60CC48374C86}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{98B99113-C1F5-4691-816D-78570EC7CCDA}" = protocol=17 | dir=in | app=c:\program files\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{9F1CE2EC-CC03-4BE5-9A5E-C253A8249521}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{A826C3F6-3459-4EB9-8574-FCE6A3E3434E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B069D83A-DDB3-4AEC-8917-2D9B8AE7AE4F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{B2FF9C33-05C5-4C7C-9227-B82D6B3085A1}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{B4FD5CAD-D4A1-4DB7-A40B-B4C92DF66136}" = protocol=6 | dir=in | app=c:\users\leon\desktop\wlan-assistent_rtm.exe |
"{B60A28E8-2F6D-4812-9225-29C650E18E8B}" = protocol=17 | dir=in | app=c:\users\leon\desktop\wlan-assistent_rtm.exe |
"{B8C8FA32-9C38-448B-BA24-BE64352ADF7D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C4A52F1D-15E7-4DB7-AD71-F8F66AA9B209}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{C564684C-8D2E-4FBB-9D18-E063A607FE9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE1E58D3-A529-4FEF-A428-5D0BF50CA839}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D9488C6B-69A0-4123-87A5-EF8740BF98E5}" = protocol=17 | dir=in | app=c:\users\leon\desktop\wlan-assistent_rtm.exe |
"{DCD5CD4A-EA64-45EB-9ABE-FDCEED5719D9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{E2EE13C5-DCE5-4BF6-B64C-30B921110D25}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E825FDCA-6CF5-4EE8-8622-203B823F3536}" = protocol=17 | dir=in | app=c:\users\leon\desktop\sonstiges\wlan-assistent_rtm.exe |
"{EDF08E66-44F7-40AE-8C41-77EB903846DD}" = protocol=6 | dir=in | app=c:\users\leon\desktop\sonstiges\wlan-assistent_rtm.exe |
"{EFCBDB5F-8166-4A59-91B8-684DFC6833DC}" = protocol=6 | dir=in | app=c:\program files\applian technologies\freecorder 8 applications\torrent\aria2c.exe |
"{F11BF259-5F06-45D4-BF64-4076CE3631F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F25A542B-85B1-4816-82B7-D5E18AB9A014}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F86E9487-AFE3-446D-96DD-C71AACE91D2A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F8DB1802-B1B4-4F50-AEFF-853FE4A9175A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{129DBC68-088A-4ED1-9800-99CC39AA0318}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"TCP Query User{3ED03619-7B94-46D4-8F3D-B4C1623D9C04}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{47AC62DA-E5F1-4B29-942C-DE3823AA64D7}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{5420C13F-06E4-4A13-955F-CBBC225E5589}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{5E19D479-52F0-4F5D-9D8C-DDDD8A659DE7}C:\program files\sprite software\sprite backup\spriteservice.exe" = protocol=6 | dir=in | app=c:\program files\sprite software\sprite backup\spriteservice.exe |
"TCP Query User{84176260-E43A-4617-B9BA-59009EFB3C72}C:\program files\mozilla firefox 4.0 beta 7\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox 4.0 beta 7\plugin-container.exe |
"TCP Query User{A6DDE160-E1E8-4ADA-8773-B79D84A5CFCE}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{AF22FBB3-9F78-47B1-BAA1-45DE2B0FF71F}C:\program files\mozilla firefox 4.0 beta 9\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox 4.0 beta 9\plugin-container.exe |
"TCP Query User{D5BD4524-5575-4ED8-9171-EC5946EE9DB8}C:\program files\msn messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"TCP Query User{DC5FEF27-AC9B-4730-8FC7-FEA479B8752B}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{DCE76A23-9203-4A9F-9188-007BDB789700}C:\program files\mozilla firefox 4.0 beta 10\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox 4.0 beta 10\plugin-container.exe |
"TCP Query User{DCEF8876-9521-4F1F-A86B-8E200E574048}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{E0F91657-94A0-48FB-B848-B9633FE0E3B6}C:\users\leon\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\leon\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{E37F5762-13B7-4903-9126-31204A5F2F83}C:\program files\mozilla firefox 4.0 beta 10\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox 4.0 beta 10\plugin-container.exe |
"UDP Query User{0B490985-432D-41AC-8666-F5771D4D43CE}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{109F2FF9-38D7-4714-A211-0D8082442A7A}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{17266048-43FA-4F7C-815A-5A7E8665E90C}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"UDP Query User{180864EB-FE74-47F0-8D56-6FD1D713F1DA}C:\program files\mozilla firefox 4.0 beta 10\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox 4.0 beta 10\plugin-container.exe |
"UDP Query User{1D74F922-9932-46A0-AF53-98D2877E9608}C:\program files\mozilla firefox 4.0 beta 9\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox 4.0 beta 9\plugin-container.exe |
"UDP Query User{336D5DFD-38B8-4EC7-B8FE-8F68AB398048}C:\program files\msn messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"UDP Query User{362E9BF4-5AB4-47BD-8A48-D869A0E3A97C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{4F84D25C-5419-40ED-A15A-0733CD83C50E}C:\program files\mozilla firefox 4.0 beta 10\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox 4.0 beta 10\plugin-container.exe |
"UDP Query User{4FF88C37-C752-4AB3-99D8-550E85749A7D}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{5F74732E-2F9C-4691-AB88-4776EF9C9883}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{6E254C99-9D1A-469E-8866-3B443E940318}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{774B9551-9078-4350-8AAF-CECD4FC1B460}C:\program files\mozilla firefox 4.0 beta 7\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox 4.0 beta 7\plugin-container.exe |
"UDP Query User{AA36A05C-9AB0-4D89-A9F8-0BFC4E19356C}C:\program files\sprite software\sprite backup\spriteservice.exe" = protocol=17 | dir=in | app=c:\program files\sprite software\sprite backup\spriteservice.exe |
"UDP Query User{BD5992C3-C80C-4146-A260-A28E362DDEB3}C:\users\leon\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\leon\appdata\local\google\chrome\application\chrome.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar)
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0339996A-1CC7-4FCD-8BE6-A32076E70272}" = Application Suite
"{045DB95B-F123-B440-D999-AD083AA55196}" = CCC Help German
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{10149D2B-5A65-9DF4-662A-B532FEEC222C}" = Catalyst Control Center Graphics Light
"{11CB6E0D-FFB2-7FAE-17FC-CA92BEE8F24A}" = Catalyst Control Center Localization Japanese
"{1400192B-D969-6FD4-8044-E2D07C5ADE3A}" = Catalyst Control Center Localization German
"{14BD87BE-02AA-8E04-602C-B20A43267F5B}" = CCC Help Japanese
"{1662D4E1-B469-D6A3-085B-0B5350BF7CA5}" = Catalyst Control Center Localization Italian
"{168879EE-A348-BFB7-3622-3651449C629F}" = CCC Help Italian
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1A8E3C5D-B772-CB4A-1117-751B5D79787B}" = Catalyst Control Center Graphics Light
"{1B2E11A4-8566-B8C7-3FB6-0D2A6F8D2139}" = CCC Help Portuguese
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1ED31028-6D65-4CFD-AD03-8E484A052FE7}" = aonUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{266156C9-F681-A84B-083C-D2052A461583}" = Catalyst Control Center Graphics Full New
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2A6FFA23-9188-E796-4AFF-196A2004AA39}" = ccc-utility
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{2EE437A9-75E3-10D1-3633-D4E8D6043503}" = CCC Help Spanish
"{2F3BCA05-4FD4-9418-1976-32F783E43DF4}" = Catalyst Control Center Graphics Full Existing
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{31DABA20-10A1-4746-9D9F-57955B8DFF66}" = Free Games Offer, Desktop Shortcut
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38DFDA1A-2392-2DA1-92EB-54FB66DC24C4}" = Catalyst Control Center Graphics Previews Vista
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE8C77E-8703-B62E-8F7C-31F7AA97F2A7}" = Catalyst Control Center Localization French
"{4524E7FD-A547-C564-CD8F-A872F7C39029}" = CCC Help French
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4767A89A-F6A5-41B1-903C-734483739882}" = Highspeed-Internet-Installation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5D36E01C-EEC6-F7C2-CBB9-AF00329B8009}" = ATI Catalyst Install Manager
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E4FC36F-A7B5-EE38-2FE4-7D0D94D230F5}" = Catalyst Control Center Localization Portuguese
"{6EF2AFEF-2044-4A85-ED1F-E70A568D7ED9}" = Catalyst Control Center Localization Turkish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75F8E142-7720-156D-C74C-80AA0974B993}" = CCC Help Polish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7727DA6C-A845-890D-2B48-7863A93F167C}" = Catalyst Control Center Localization Korean
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{848C0C17-7C57-709A-FDC4-F257D4469BAA}" = ccc-utility
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{87CA11B3-C4CE-D989-42C7-C6197B266EFD}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91F2493D-8A65-7BF3-5684-9D6397F8847D}" = Catalyst Control Center Core Implementation
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9529A038-D507-3B3F-ED6F-B0AB773153FE}" = ccc-core-static
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9794B30C-0FCB-3658-B44F-33BDDC788C2D}" = CCC Help English
"{994FCE98-1379-2A33-24BC-F092466CC5C4}" = Catalyst Control Center Localization Thai
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1B504F-25BD-325C-0C2A-FEF791F59FE3}" = Catalyst Control Center Core Implementation
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A3B99A45-2811-FA47-3055-3D247C4E2897}" = Catalyst Control Center Graphics Previews Common
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC7C7307-6324-D891-1E53-77B00E4F0961}" = CCC Help Turkish
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6EECBB7-BDA4-4E52-2BD6-69D70215AC48}" = Catalyst Control Center Localization Polish
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C279E4B3-9FCD-9D82-7A83-B773C2D4E526}" = Catalyst Control Center Localization Hungarian
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2D192BE-5E2C-92CF-56A0-28C7D9D67B96}" = CCC Help Hungarian
"{C2F3DB53-EF8E-4885-36C4-34C4911FEAE0}" = ccc-core-static
"{C486C7E9-5591-8777-CEB5-FA373AFE6711}" = Catalyst Control Center Localization Spanish
"{C57606D6-7A44-4A99-D6D0-BA07FD3ACCEA}" = Catalyst Control Center Localization Chinese Traditional
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D379100F-65A2-4B54-D568-CD2BE238C6A3}" = Catalyst Control Center Graphics Previews Vista
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D973AE1D-ACB1-2C54-92FE-A29E2A7482C0}" = CCC Help Thai
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DD7E639B-0DAC-4587-A6BD-99B7D20E81B2}" = Snap.Do
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0EFA6E0-2A18-A83B-34EA-8435EFEE1285}" = CCC Help Korean
"{E24EDDF0-93A0-95CC-509A-1C012180F8CB}" = Skins
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E53C563F-1157-20B2-1276-755A22E814D2}" = Catalyst Control Center Localization Chinese Standard
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8DA1B1C-B987-9FD4-E4ED-DDA05DCE5E44}" = Catalyst Control Center Graphics Full Existing
"{EDEAA07C-654C-FB13-2F47-A4BDC41D77D0}" = Skins
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1DDE283-47CF-30FC-F6C6-258FA404F784}" = Catalyst Control Center Graphics Full New
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}" = FaceFilter Studio Brother Edition
"{F5A4F780-DF0C-444F-BA82-637CCF5C8052}" = Windows Live Family Safety
"{F6B8797E-923E-4902-9698-62937FE80FAB}" = CCC Help Chinese Traditional
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB83EAC4-E3F6-4666-B45B-44522F2344B6}" = Brother MFL-Pro Suite DCP-J315W
"{FBF1268D-3323-545E-4DD0-F45AD313E37E}" = Catalyst Control Center Graphics Previews Common
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"aonUpdate" = aonUpdate
"ASIO4ALL" = ASIO4ALL
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"DivX Setup.divx.com" = DivX-Setup
"FormatFactory" = FormatFactory 2.70
"Freecorder 8 Applications" = Freecorder 8 Applications (8.0.0.87)
"Freecorder extension" = Freecorder extension
"Freecorder extension for Firefox" = Freecorder extension for Firefox
"Highspeed-Internet-Installation" = Highspeed-Internet-Installation
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InfraRecorder" = InfraRecorder
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Thunderbird 17.0.5 (x86 de)" = Mozilla Thunderbird 17.0.5 (x86 de)
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"Samsung ML-331x Series" = Samsung ML-331x Series
"Samsung Printer Live Update" = Samsung Printer Live Update
"Windows Mobile Device Handbook" = Windows Mobile-Ressourcen
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.05.2013 07:52:05 | Computer Name = DELL-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung RoxWatch9.exe, Version 9.0.1.64, Zeitstempel
0x454e37bb, fehlerhaftes Modul CPSCommonTools9.dll, Version 6.0.6002.18541, Zeitstempel
0x4ec3e3d5, Ausnahmecode 0xc0000135, Fehleroffset 0x00009f5d, Prozess-ID 0x1254,
Anwendungsstartzeit 01ce4cab9e3eeb04.
Error - 09.05.2013 07:52:12 | Computer Name = DELL-PC | Source = Microsoft-Windows-RestartManager | ID = 10007
Description =
Error - 09.05.2013 08:48:06 | Computer Name = DELL-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/09 14:48:06.380]: [00002688]: SendSKeySettingToDevice::
Snmp Load Error[0] To[10.0.0.74]
Error - 09.05.2013 09:48:34 | Computer Name = DELL-PC | Source = VSS | ID = 8194
Description =
Error - 09.05.2013 09:55:48 | Computer Name = DELL-PC | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Word.
Error - 09.05.2013 09:55:54 | Computer Name = DELL-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung WINWORD.EXE, Version 12.0.6668.5000, Zeitstempel
0x5083137f, fehlerhaftes Modul ssi1mdu.dll, Version 6.4.34.0, Zeitstempel 0x508ffdce,
Ausnahmecode 0xc0000005, Fehleroffset 0x0000a988, Prozess-ID 0x1e4, Anwendungsstartzeit
01ce4cbce534a657.
Error - 09.05.2013 10:43:11 | Computer Name = DELL-PC | Source = EventSystem | ID = 4621
Description =
Error - 09.05.2013 12:52:35 | Computer Name = DELL-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 09.05.2013 12:52:35 | Computer Name = DELL-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5102
Error - 09.05.2013 12:52:35 | Computer Name = DELL-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5102
[ Media Center Events ]
Error - 07.01.2008 04:11:11 | Computer Name = DELL | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 10.06.2008 04:38:43 | Computer Name = DELL-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
[ OSession Events ]
Error - 07.05.2013 21:11:56 | Computer Name = DELL-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 07.05.2013 21:12:11 | Computer Name = DELL-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 07.05.2013 21:15:07 | Computer Name = DELL-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 07.05.2013 21:15:20 | Computer Name = DELL-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 07.05.2013 21:23:28 | Computer Name = DELL-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 175
seconds with 0 seconds of active time. This session ended with a crash.
Error - 07.05.2013 21:23:39 | Computer Name = DELL-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 07.05.2013 21:24:58 | Computer Name = DELL-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 08.05.2013 08:09:36 | Computer Name = DELL-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.
Error - 08.05.2013 08:10:10 | Computer Name = DELL-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 08.05.2013 08:54:31 | Computer Name = DELL-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 34
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 09.05.2013 07:59:58 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 09.05.2013 08:03:57 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 09.05.2013 08:21:24 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 09.05.2013 09:02:23 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 09.05.2013 10:47:08 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 09.05.2013 11:40:14 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 09.05.2013 11:40:14 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 09.05.2013 11:53:43 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 09.05.2013 11:53:43 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 09.05.2013 11:53:43 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
|
AdwCleaner auf deinen Desktop.
