| 5idestep | 24.08.2013 12:56 |
Ausgeführt
Hallo Aneri,
danke für die rasche Antwort. Ich habe Adobe CS deinstalliert. Ich habe auch alle anderen adobe Produkte deinstalliert und trotzdem erscheint im LogFile immer noch Zitat:
activate.adobe.com
practivate.adobe.com
| Ich weiß nicht was ich noch deinstallieren soll um diesen Eintrag wegzubekommen.
Ich habe auch meinen PC mal ordentlich von Programmen entrümpelt, die ich sowieso nicht mehr nutze. Vielleicht erleichtert das die Arbeit.
Außerdem habe ich das Programm "Hitman Pro" durchlaufen lassen. Dieses wurde mir laut dem Brief der Telekom empfohlen. Es hat unzählige "*.exe-Dateien" als Trojaner identifiziert (Avira hatte gar nichts gefunden!) und laut Bericht gelöscht. Ich habe ihn erneut drüber laufen lassen und er hat kein Risiko mehr gefunden.
Trotzdem möchte ich mich gerne weiter absichern. Deshalb hier der leue Log! THX! Code:
OTL logfile created on: 24.08.2013 13:39:53 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\5idestep\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 36,66% Memory free
4,00 Gb Paging File | 2,53 Gb Available in Paging File | 63,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,26 Gb Total Space | 10,82 Gb Free Space | 21,52% Space Free | Partition Type: NTFS
Drive D: | 545,91 Gb Total Space | 298,52 Gb Free Space | 54,68% Space Free | Partition Type: NTFS
Drive E: | 129,51 Gb Total Space | 27,54 Gb Free Space | 21,26% Space Free | Partition Type: NTFS
Drive F: | 19,43 Gb Total Space | 1,75 Gb Free Space | 9,01% Space Free | Partition Type: NTFS
Computer Name: 5IDESTEP-PC | User Name: 5idestep | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\5idestep\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\5idestep\AppData\Local\Temp\decleaner\decleaner\setup\deCleaner.exe (Avira GmbH)
PRC - C:\Users\5idestep\AppData\Local\Temp\decleaner\decleaner\setup\avscan.exe (Avira GmbH)
PRC - C:\Programme\Opera\15.0.1147.153\opera_crashreporter.exe ()
PRC - C:\Programme\Opera\15.0.1147.153\opera.exe (Opera Software)
PRC - C:\Programme\Heimdal\HeimdalSecureDNS\DNSService.exe (Microsoft)
PRC - C:\Programme\Heimdal\Client\HeimdalAgent.exe (CSIS Security Group)
PRC - C:\Programme\Heimdal\Service\HeimdalAgentService.exe (CSIS Security Group)
PRC - C:\Users\5idestep\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\KORG\KORG USB-MIDI Driver\EsHelper2.exe (KORG Inc.)
PRC - C:\Programme\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Device Center\itype.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Users\5idestep\AppData\Local\Temp\decleaner\avwebloader.exe (Avira GmbH)
PRC - C:\Programme\CHERRY Mouse Driver\KMCONFIG.exe (UASSOFT.COM)
PRC - C:\Programme\CHERRY Mouse Driver\KMProcess.exe (UASSOFT.COM)
PRC - C:\Programme\CHERRY Mouse Driver\KMWDSrv.exe (UASSOFT.COM)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - c:\Programme\Windows Defender\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Programme\CHERRY Mouse Driver\StartAutorun.exe (UASSOFT.COM)
PRC - C:\Programme\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Opera\15.0.1147.153\ffmpegsumo.dll ()
MOD - C:\Programme\Opera\15.0.1147.153\opera_crashreporter.exe ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\f7737cce1de95bc3fdf2b3de8dcc9712\Kies.Theme.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\8bd6ca89219c44bf986be31fef05dbcf\DevicePodcast.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\3cb1983c1548b73c1fd7822f6a7a3edf\DummyStorePlugin.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\fe3e0f283a7445ec9a84068f424521eb\DevicePhoto.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\fc306f0ba879221da3b71714737497b4\DeviceVideo.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\e0fa604d4aef9d2ff468afca3c7ccdd0\VideoManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\b6a7e28cce059bace851689e7a069281\DeviceMusic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e12846065ed6399ab30457e0cfa92e46\PhotoManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\f5ecfc22c14690fc0fceebcb97cd96c8\Phonebook.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\d3900e8082186592ad4795983bd89a79\MusicManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\e47cb115ee5c9ab8fa1955db87f87674\BATPlugin.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\32b7f0430ae844b0c88da44c69445b13\Kies.Common.MediaDB.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\04dcb396677acf05d2ee8bf56bdb098a\Kies.Common.StoreManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\40a5bae65f1d322a9695313889c64918\Kies.Common.CRMManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\4c60f752ae448f481ca5e10900220c30\Kies.Common.DBManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\eb34712b511270f363e1fa8fe432bb02\Kies.Common.AllShare.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\169d9398b8fedc52c9caf3abf9a95e6c\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\de4d9951079783994e4c2ff6661eb343\Kies.Common.MainUI.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\98afc9f55b779475918d9bf3f5dffdd1\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\509e20d4dfced30dd765fcc43ec3e985\Kies.Common.DeviceServiceLib.FileService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\2044d526f28b86f19b3a5ab4457565ae\Interop.DevFileServiceLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4077c9bd5ce80c3efcc5a8e1b2fb6916\Kies.Common.DeviceService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\dfd678fd027105ff967233cb1e7b3956\Podcaster.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\bdfa1708c9a528569d5eba80158dcdc9\DeviceCommonLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\d92c612287eb7f54d636ce76ea005def\Kies.Plugin.ContentsManagerLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\304e192d0d141996200af7c13907c863\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c9ec20ac9d7aacf399e12929598dbe88\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\2346a1551589b170ab0dbda3d6a9bfd6\Kies.Common.Multimedia.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\a872e01c403ea61efb1abb335cff2487\Interop.PRPLAYERCORELib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\6b38cc3e15bb325304623becb93b080e\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4a51b22c2085ffa743b5add4c5f8bd14\Kies.Common.DeviceServiceLib.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\b98d0680f5720b3bd22d55e649739bd8\DeviceHost.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\7458d922b48a5f210eba6efb2c7f17b6\Kies.Locale.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\e63e006e8c0bd72b398c34237b4cb2d8\Kies.Common.Util.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\ace094fd4f13cf857b510fd654ec9adc\Kies.UI.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\77b93e26fa90be173b1408f75c21227a\Kies.MVVM.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\cdf4c23633be7bff849e56858bd92e33\Kies.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\f69842a59a80267c673735eab7b0bcd3\GongSolutions.Wpf.DragDrop.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\3e0a1c2ac1939cfae133e52807d9ee58\Kies.ni.exe ()
MOD - C:\Users\5idestep\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\c91632cef78dc1e1ab7dce314c64f7a0\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\3485907c71cb4575a8ae6a9609bfe16c\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\cc59aeec8ea9faa8311426a9fba944a6\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5d5b1b0c6e8a714de39a06e3b61f35fe\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\7a33af3fa6a140afb8ab0d9190ab2c9d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\4373d5deea0fd001dfac01a83f6f2bca\System.Runtime.DurableInstancing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\83bbc0d5a9689f5de5090dcf3e3958f8\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8834e734c13d53e65982db2a00563ce7\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\a9ecbe8beef8c04f60f9127ec6599abf\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e963e9f51746f8e23837be7760e187c6\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\564f737274f47efdfa212f8da43286e7\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\221d903193177a76f68965e8ffb8cbb4\System.Numerics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll ()
MOD - C:\Users\5idestep\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Users\5idestep\AppData\Local\Temp\decleaner\scewxmlw.dll ()
MOD - C:\Programme\CHERRY Mouse Driver\keydll.dll ()
MOD - C:\Programme\CHERRY Mouse Driver\MouseHook.dll ()
========== Services (SafeList) ==========
SRV - (HeimdalSecureDNS) -- C:\Programme\Heimdal\HeimdalSecureDNS\DNSService.exe (Microsoft)
SRV - (HeimdalService) -- C:\Programme\Heimdal\Service\HeimdalAgentService.exe (CSIS Security Group)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (KMWDSERVICE) -- C:\Programme\CHERRY Mouse Driver\KMWDSrv.exe (UASSOFT.COM)
SRV - (rpcapd) -- C:\Programme\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Programme\Canon\IJPLM\ijplmsvc.exe ()
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (ASPI32) -- File not found
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (a8djavs) -- C:\Windows\System32\drivers\a8djavs.sys (Native Instruments GmbH)
DRV - (a8djusb_svc) -- C:\Windows\System32\drivers\a8djusb.sys (Native Instruments GmbH)
DRV - (KORGUMDS) -- C:\Windows\System32\drivers\KORGUMDS.SYS (KORG INC.)
DRV - (mlkumidi) -- C:\Windows\System32\drivers\mlkumidi.sys (MusicLab, Inc.)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (synasusb) -- C:\Windows\System32\drivers\synasusb.sys (Steinberg Media Technologies GmbH)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (MarvinBus) -- C:\Windows\System32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 A5 DD A1 D9 C1 CD 01 [binary data]
IE - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
O1 HOSTS File: ([2012.02.07 18:21:28 | 000,001,304 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [KMCONFIG] "C:\Program Files\CHERRY Mouse Driver\StartAutorun.exe" KMConfig.exe File not found
O4 - HKLM..\Run: [KORG USB-MIDI Driver] C:\Program Files\KORG\KORG USB-MIDI Driver\EsHelper2.exe (KORG Inc.)
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" File not found
O4 - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\5idestep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\5idestep\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-4086697998-2822087783-1139883366-1000\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58CCCE75-D102-4416-A858-CFE68538DBEA}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58CCCE75-D102-4416-A858-CFE68538DBEA}: NameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5C4672E-84B7-4D08-AC52-64E1F3A9472D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9035FA1-715D-4CE5-A5B7-D63F48D5D004}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.08.24 13:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CSIS Heimdal
[2013.08.24 13:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\CSIS
[2013.08.24 13:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\Heimdal
[2013.08.24 13:14:33 | 000,000,000 | ---D | C] -- C:\Users\5idestep\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.08.24 12:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.08.24 12:26:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2013.08.24 12:25:02 | 000,000,000 | ---D | C] -- C:\Users\5idestep\AppData\Local\Opera Software
[2013.08.24 12:25:01 | 000,000,000 | ---D | C] -- C:\Users\5idestep\AppData\Roaming\Opera Software
[2013.08.24 00:26:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\5idestep\Desktop\OTL.exe
[2013.08.10 15:29:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2013.08.10 12:35:20 | 000,000,000 | ---D | C] -- C:\Users\5idestep\Desktop\Doreen
========== Files - Modified Within 30 Days ==========
[2013.08.24 13:22:49 | 000,001,105 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Heimdal.lnk
[2013.08.24 13:15:34 | 000,014,752 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.08.24 13:15:34 | 000,014,752 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.08.24 13:08:37 | 003,805,016 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.08.24 13:08:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.08.24 13:07:51 | 1609,474,048 | -HS- | M] () -- C:\hiberfil.sys
[2013.08.24 13:06:01 | 000,009,068 | ---- | M] () -- C:\Windows\System32\.crusader
[2013.08.24 00:26:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\5idestep\Desktop\OTL.exe
[2013.08.21 21:50:17 | 000,697,108 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.08.21 21:50:17 | 000,652,426 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.08.21 21:50:17 | 000,148,404 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.08.21 21:50:17 | 000,014,468 | ---- | M] () -- C:\Windows\System32\perfc009.dat
========== Files Created - No Company Name ==========
[2013.08.24 13:22:49 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Heimdal.lnk
[2013.08.24 13:06:01 | 000,009,068 | ---- | C] () -- C:\Windows\System32\.crusader
[2013.08.24 12:24:51 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 15.lnk
[2013.08.24 12:23:07 | 000,001,797 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013.04.07 17:29:37 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2013.04.07 17:29:37 | 000,037,344 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2013.03.14 18:25:33 | 000,007,602 | ---- | C] () -- C:\Users\5idestep\AppData\Local\Resmon.ResmonCfg
[2013.03.13 17:45:12 | 000,324,608 | ---- | C] () -- C:\Windows\System32\libsndfile.dll
[2013.03.12 01:45:31 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2013.02.14 16:21:22 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys
[2013.02.14 16:16:27 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe
[2013.02.14 16:16:27 | 000,000,045 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe.cfg
[2013.01.06 16:02:28 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2013.01.06 16:02:26 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013.01.06 16:02:26 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013.01.06 16:02:25 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2013.01.06 16:02:24 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012.11.05 19:32:13 | 000,000,089 | ---- | C] () -- C:\Windows\SPL7019.DAT
[2012.06.26 16:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.06.26 16:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.06.26 16:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.06.26 16:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.06.26 16:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.06.14 19:45:09 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2012.06.14 19:45:08 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2012.06.11 16:21:09 | 000,053,248 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012.03.21 13:57:19 | 000,000,071 | ---- | C] () -- C:\Windows\wiso.ini
[2012.02.29 18:45:21 | 000,065,793 | ---- | C] () -- C:\Windows\System32\esfw8b.bin
[2012.02.28 18:47:20 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.02.17 08:32:59 | 000,005,632 | ---- | C] () -- C:\Users\5idestep\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.02 18:23:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.09.01 11:53:56 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\4Free
[2013.03.24 16:17:29 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Acod
[2013.03.10 14:29:47 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Acxehu
[2013.03.11 20:44:32 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Acxoy
[2013.03.16 10:52:18 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Adqog
[2013.04.13 20:18:55 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Alwaz
[2012.07.08 17:32:28 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\AnvSoft
[2013.04.02 09:26:55 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Aqva
[2013.03.09 15:57:05 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Awca
[2013.03.23 17:15:54 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Axdy
[2013.02.19 11:36:53 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Axlei
[2013.03.23 17:15:54 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Axug
[2013.03.09 15:57:05 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Azha
[2013.03.08 21:18:19 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Azofk
[2013.02.13 09:50:55 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Azwey
[2013.04.24 18:32:26 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Beiqw
[2013.04.09 16:04:26 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Bias
[2012.07.08 17:40:37 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\CD-LabelPrint
[2013.08.24 13:14:33 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.02.17 14:51:30 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Daeg
[2012.02.07 18:15:11 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\DAEMON Tools Lite
[2013.04.03 11:52:05 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Doif
[2013.08.24 13:09:08 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Dropbox
[2013.03.12 01:52:42 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\DVDVideoSoft
[2013.08.24 12:35:43 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.02.07 09:09:29 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ebigc
[2013.02.13 20:06:08 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Elaci
[2013.03.14 07:33:00 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Elmo
[2013.03.26 17:54:31 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Enuxa
[2012.03.21 10:49:38 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\EPSON
[2013.02.15 16:19:04 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Exapam
[2012.09.18 17:21:05 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\FreeMoviesToDVD
[2013.03.30 21:27:29 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Fuqa
[2013.02.13 20:06:08 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Goheu
[2013.04.17 19:31:07 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Goru
[2013.03.21 20:15:35 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Haemu
[2013.03.08 11:39:52 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Hafen
[2013.02.19 11:36:53 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Hasyud
[2013.02.20 10:33:33 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Hioru
[2013.04.07 17:22:29 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Hoyp
[2013.02.27 17:12:35 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\ID3-TagIT 3
[2013.03.04 13:31:43 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ifmoyc
[2013.03.21 20:15:35 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ikxee
[2013.03.17 08:15:56 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ilizba
[2013.03.24 16:17:29 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ilob
[2013.03.17 08:15:56 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Inah
[2013.02.20 10:33:33 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ithu
[2013.02.18 11:07:02 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Koaq
[2013.02.18 12:32:21 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Korg
[2013.04.14 17:22:32 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Koyfbi
[2013.04.21 14:08:57 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Miux
[2013.02.21 16:52:17 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\MusicLab
[2013.03.10 14:29:47 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Muvefy
[2012.07.19 22:02:58 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\MyPhoneExplorer
[2013.03.14 07:33:00 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Nuyhu
[2013.02.14 11:58:35 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Obqiv
[2013.04.01 12:53:09 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ocmyz
[2013.04.21 14:08:57 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ofetef
[2013.04.13 20:18:56 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ogfoox
[2013.02.15 16:19:04 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Okuf
[2012.02.07 17:11:57 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Opera
[2013.08.24 12:25:01 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Opera Software
[2013.04.24 18:32:26 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ozase
[2013.06.15 13:24:39 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Piox
[2013.08.24 12:25:24 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\proDAD
[2013.04.01 12:53:09 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Puykco
[2013.04.17 19:31:07 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ruaq
[2013.03.04 13:31:43 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ryfu
[2013.05.25 15:36:43 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Samsung
[2013.04.07 17:22:29 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Saol
[2013.02.17 14:51:30 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Sauru
[2013.01.03 15:07:39 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.02.14 16:45:18 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Steinberg
[2013.04.09 16:04:26 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Suev
[2013.03.08 21:18:19 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Tayhze
[2013.03.07 10:51:12 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Towati
[2013.03.31 14:27:01 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ubbu
[2013.03.11 20:44:32 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Utpoi
[2013.03.30 21:27:29 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Vapydo
[2013.02.13 09:50:55 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Veyvb
[2013.02.14 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\VST3 Presets
[2013.04.02 09:26:55 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Wanin
[2013.04.03 11:52:05 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Wibe
[2013.04.06 18:09:12 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Wudik
[2013.04.22 16:30:41 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Xayg
[2013.03.07 10:51:12 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ydino
[2013.04.23 17:39:33 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ygula
[2013.03.26 17:54:30 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Yhweil
[2013.04.14 17:22:31 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Ypcuaf
[2013.03.31 14:27:01 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Yxam
[2013.04.22 16:30:41 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Yxdeto
[2013.03.16 10:52:18 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Yxova
[2013.03.08 11:39:52 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Yzanp
[2013.02.14 11:58:35 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Zias
[2013.04.23 17:39:33 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Zigee
[2013.04.06 18:09:12 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Zonuy
[2013.02.18 11:07:02 | 000,000,000 | ---D | M] -- C:\Users\5idestep\AppData\Roaming\Zucoan
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:88050731
< End of report >
Code:
OTL Extras logfile created on: 24.08.2013 13:39:53 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\5idestep\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 36,66% Memory free
4,00 Gb Paging File | 2,53 Gb Available in Paging File | 63,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,26 Gb Total Space | 10,82 Gb Free Space | 21,52% Space Free | Partition Type: NTFS
Drive D: | 545,91 Gb Total Space | 298,52 Gb Free Space | 54,68% Space Free | Partition Type: NTFS
Drive E: | 129,51 Gb Total Space | 27,54 Gb Free Space | 21,26% Space Free | Partition Type: NTFS
Drive F: | 19,43 Gb Total Space | 1,75 Gb Free Space | 9,01% Space Free | Partition Type: NTFS
Computer Name: 5IDESTEP-PC | User Name: 5idestep | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)
[HKEY_USERS\S-1-5-21-4086697998-2822087783-1139883366-1000\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07443667-1E3F-42C3-90E5-76A2CB40B4D2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0C124176-183A-4646-93E7-61AB32AC651F}" = lport=138 | protocol=17 | dir=in | app=system |
"{121BFC9B-8073-4471-8D14-5FE6B0BBE972}" = rport=10243 | protocol=6 | dir=out | app=system |
"{16248A17-6397-4370-8823-C9E57C4CFCB2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{22F8D2A6-989A-4529-85DD-E0E55360135B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3F7E3975-9A5C-4445-9059-B4476D580763}" = lport=445 | protocol=6 | dir=in | app=system |
"{4241F9F9-AEB8-4B3F-8F6D-1181BDE05344}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{444A7DCB-DB78-494E-B105-C7589C6114B8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DF8F2F1-6F25-406E-9A01-ADEAF5074AE0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4F212168-234F-407F-AC75-FFD31A836A6F}" = rport=445 | protocol=6 | dir=out | app=system |
"{5AAAC452-E5B1-4A37-957C-E45E4F682B13}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{636FC670-AD16-4475-925E-E994599FE457}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6450C5F1-86BD-486A-990F-1600D4F7F11B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{660AD670-798A-4B65-BD1F-B3594710D216}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FA325CE-AD58-4AB0-932D-93294A945FE1}" = rport=137 | protocol=17 | dir=out | app=system |
"{72B4781C-C895-4A76-ABB7-EF1BFB11D137}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7F20D9D5-B060-4BEF-AC79-429EA1A12BAD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{83ECF8CA-5547-46D8-9C1F-F71001B1E53E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8908FF09-8405-42E6-A2E9-652CF59C1949}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{899AB7C4-7F6F-4D50-9919-A3BCC9CDACAB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8D7AF163-7796-4A01-8002-EBCFC1831AC2}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{9488CF64-D097-4909-B0E8-40341B9BF4B5}" = lport=139 | protocol=6 | dir=in | app=system |
"{97656710-2B41-44F0-9EC7-1B62B067FE46}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9F6FC747-86EA-4C5A-969D-8DC7B28BAF17}" = rport=138 | protocol=17 | dir=out | app=system |
"{A05A47F8-9986-426F-84D2-BE157A2924B5}" = lport=137 | protocol=17 | dir=in | app=system |
"{A25F90B0-0339-4853-8148-ADC362700458}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A2B23106-8014-4FAA-8DD5-2CE5F2D4F5CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C20DC109-9550-4681-A836-812AE5715A71}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CA0AE1ED-2F92-4FE1-9F36-5D5597D24D50}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E13D3982-530F-4D3F-9D0C-9B473B6076F7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E44AE8DF-E792-4A50-A31D-6CC324AB1908}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F3D2E9CD-5E8D-487D-A74C-DA5EE4BDE3AB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F6C4EA66-A7EA-4D73-8271-0CBB8E6BEBF1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FB96C225-A398-4245-9734-59D574FD6187}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{071B6FF6-A904-47A4-9299-4C0C86359B70}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{07778937-1B06-4241-BE19-4D6F1DA74D5C}" = protocol=6 | dir=in | app=f:\spiele\cossacks2\run\data\engine.exe |
"{0E396038-93EA-424D-A9D8-83339EDDAC20}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{164EDD37-9355-4E3E-847D-29D719DD9CD5}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{1B1F0A6E-624B-47A9-82E3-2E9F4D19443C}" = protocol=17 | dir=in | app=f:\spiele\cruisaider\stronghold crusader\stronghold crusader.exe |
"{1C785378-6321-4767-8BC8-41406F781041}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{20411CE1-C70E-4F77-9C83-CC71EBB534CB}" = protocol=6 | dir=in | app=f:\spiele\cruisaider\stronghold crusader\stronghold crusader.exe |
"{21D306A6-52ED-464B-BC44-31F2AFD7FB3A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{23C57F52-BDEA-46C0-847E-400AE62BBCDA}" = protocol=17 | dir=in | app=f:\spiele\stronghold2\stronghold 2\stronghold2.exe |
"{27CAD97A-F1DD-49EB-9A08-0896DFD63CCE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{296A397D-EBDA-411E-A0B5-C13A5A63A3E7}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{2CFF7520-BF50-4C30-8897-C5DDE826A3DC}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{2F5E6C3E-6C8F-479F-8025-9A0CAF455A32}" = protocol=6 | dir=in | app=e:\programme\pinnacle\studio 16\programs\rm.exe |
"{3146E7BF-AEBE-4070-9D9A-E8D1EC385F4F}" = protocol=6 | dir=in | app=f:\spiele\stronghold2\stronghold 2\stronghold2.exe |
"{32AA7F8B-D0CB-4E38-B775-452E226F5014}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{37B3D868-D8DC-42AA-947B-DA7C20A0C76A}" = protocol=17 | dir=in | app=e:\programme\pinnacle\studio 16\programs\ngstudio.exe |
"{3C6CF304-C2AA-4645-8921-3E52A1D78DD3}" = protocol=6 | dir=out | app=system |
"{40C1E232-E57F-4AD7-8F3F-CFEFF3011F03}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{40C33D62-FD1F-4284-943C-87054129DDB3}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{40DD1481-106A-4942-A074-ED9501A3AAD1}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{49630166-6694-4C33-9A04-19DFE84C65E5}" = protocol=6 | dir=in | app=c:\users\5idestep\appdata\roaming\dropbox\bin\dropbox.exe |
"{5519B113-3158-4FFD-911E-14DDA7AE63CF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5BB6F71F-20C2-4563-B88F-3301410B4E16}" = protocol=17 | dir=in | app=e:\programme\pinnacle\studio 16\programs\rm.exe |
"{64AB242D-8090-4694-BDFD-A8C1ED6C80EC}" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"{7FB042FC-787D-44FF-BFE0-D602ADFBE62F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86ABE2AB-3002-4604-9708-55752DEBA08C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8C1ADD26-EE2B-416C-8793-F5C4AAA9F354}" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"{95973FC0-A67E-4DC8-B34C-60CFE4E104DD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9AB3BC28-C440-4BC2-BD3E-67E44770BD58}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A0D38FF3-DB6E-4CB7-9C5A-EACEEC4C0504}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A31FB286-8789-4039-99A1-CB3981C0DE88}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{A5F5A200-B24E-4079-BB26-F6BA938E7643}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB4F9823-27E2-49C0-B0EE-231E76C4DC2D}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{AD85730F-D443-49B0-9DB6-8981835A4937}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{AFC95452-4487-46A7-8555-EF86420C0DB2}" = protocol=6 | dir=in | app=e:\programme\pinnacle\studio 16\programs\umi.exe |
"{B333499A-7D3A-471E-8389-0F4308A3560C}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{B35FA5DF-ECAA-4FF3-8280-DDEEE9F09802}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B9FA859C-D86F-4582-8A3B-965C8D83CF20}" = protocol=6 | dir=in | app=f:\spiele\cruisaider\stronghold crusader\stronghold_crusader_extreme.exe |
"{BC2722B9-121E-4596-ABF5-975E7B7EAC94}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{C24A80D8-6571-4D39-821B-88BF5E180E6D}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{C64E887E-0951-4B75-902A-69A4EE7373FC}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{C92685CA-A3EF-4FCB-993F-337477330A68}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{C9A0C618-7FB9-4991-9280-0C9D9E0BF134}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CF81E8A4-4A3E-48AD-B9C1-253C0A2DADBB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D2121ECC-6AD2-4A55-A31F-5500BE73BA4E}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{DB0CB69D-A841-4AC3-BF59-2D37D79029E5}" = protocol=17 | dir=in | app=c:\users\5idestep\appdata\roaming\dropbox\bin\dropbox.exe |
"{DB9EB57D-2F28-49EA-9707-6D43D38A5B87}" = protocol=6 | dir=in | app=e:\programme\pinnacle\studio 16\programs\ngstudio.exe |
"{DCEBB434-898D-4391-B55F-E38A0390FAEC}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{DD1E5CD7-0227-45DE-BA0A-AB6F1BE59C66}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{DD4AE4A7-49D0-47A9-B130-24B92F3E3F12}" = protocol=17 | dir=in | app=e:\programme\pinnacle\studio 16\programs\umi.exe |
"{F10F48A8-13FB-4107-AB37-9E9FF0651462}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{F1E890B2-1343-4507-8188-1F3940DDE72C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F4F97681-C9C7-4893-97AA-3AE12AA85A34}" = protocol=17 | dir=in | app=f:\spiele\cossacks2\run\data\engine.exe |
"{FC2118C8-98B4-4BA3-9D72-CB3F242321D2}" = protocol=17 | dir=in | app=f:\spiele\cruisaider\stronghold crusader\stronghold_crusader_extreme.exe |
"TCP Query User{213B542C-6FC2-4969-AF69-9175B1D7EB1B}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{21F4F4F4-B269-48C0-ACF8-8736F3613BC7}C:\program files\pinnacle\studio 12\programs\studio.exe" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"TCP Query User{544951BA-5A50-4D0C-A283-40FC4B2598C5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{63D6FD25-53C8-4B15-99D2-F498B117AD41}F:\spiele\cossacks2\run\data\engine.exe" = protocol=6 | dir=in | app=f:\spiele\cossacks2\run\data\engine.exe |
"TCP Query User{64B21EFB-8A96-4D73-8D37-73580047457E}C:\program files\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader\jre\bin\javaw.exe |
"TCP Query User{77B9D06C-3245-4ACC-988C-A37C9F3DC5AF}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{7B9F27E0-0418-488B-9C6A-547453CE1D08}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{B9E013FF-1F68-434E-8F5A-746B0831822B}G:\tl-wpa281\utility\powerline scan.exe" = protocol=6 | dir=in | app=g:\tl-wpa281\utility\powerline scan.exe |
"TCP Query User{D703A3DE-FB8B-4E70-A93A-55A02A57D1D4}C:\program files\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader\jre\bin\javaw.exe |
"TCP Query User{F7B3E1B2-D543-4B74-B32D-63301B0AD781}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe |
"UDP Query User{0FAA1DB4-355B-43F4-8E67-135159F2A9B5}C:\program files\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader\jre\bin\javaw.exe |
"UDP Query User{3A166011-2E9C-48B5-80A9-DB6A9A89931A}F:\spiele\cossacks2\run\data\engine.exe" = protocol=17 | dir=in | app=f:\spiele\cossacks2\run\data\engine.exe |
"UDP Query User{3C4F812B-6F24-49A7-BC89-7F949BFBF69B}C:\program files\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader\jre\bin\javaw.exe |
"UDP Query User{46F07027-3402-4A03-9F4D-F31F7BF02C6C}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{4DA72EBC-6FDD-4631-9FD4-3C39B9437BEA}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe |
"UDP Query User{58642E88-FA47-4BA3-8174-C81C1E705827}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{697CF55D-D844-477A-AE4D-4F1913E330B2}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{ADD3DAE3-63E5-48CE-8BCC-7697BF60AE5B}G:\tl-wpa281\utility\powerline scan.exe" = protocol=17 | dir=in | app=g:\tl-wpa281\utility\powerline scan.exe |
"UDP Query User{B9198930-FBD5-4D6A-98E2-ED6140AB9CDE}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{F7AA0793-0F84-43FC-8BED-71EFB876F1A4}C:\program files\pinnacle\studio 12\programs\studio.exe" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer 2012
"{0EB4D2B3-9410-4FB7-AD46-C48CE45B9498}" = Steinberg Retrologue
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series" = Canon iP4500 series
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{188A5482-9167-4177-8916-C13A7F379CB0}" = Native Instruments Solid EQ FX
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2DC42147-D7EB-4C30-BA4C-B4A86A4EF3B3}" = CHERRY Mouse Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A9455EB-0426-47F6-A21F-AAFB8D5F271F}" = AutoSketch Release 10
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{470BB39A-7231-4077-AD3D-86067AD04604}" = Native Instruments Audio 8 DJ Driver
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{5552453B-BB76-45E3-973D-F95E458ED780}" = Native Instruments Kontakt 5
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6BED4DFE-C527-463E-B93A-6F6848B74DD0}" = Native Instruments Battery 3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7A758BA6-3B7E-4182-8319-02F64CF1EB77}" = KORG KONTROL Editor
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84D04D4F-2201-4AED-BE9A-FFA62069CA19}_is1" = reFX Nexus 1.0.0
"{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}" = Steinberg Upload Manager
"{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}" = Steinberg LoopMash Content 2
"{8CBA7E47-48DA-47DC-8E98-6984BA830295}" = Steinberg VST Amp Rack Content 01
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{488F0918-97F9-4CD0-8AD5-8986A46AC962}" =
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{912B04B3-7C7C-4929-AE68-EC2A4CCB4E73}" = Microsoft-Maus- und Tastatur-Center
"{924A274D-38B6-4930-8859-F3F51CFA8DDD}" = WD SES Driver Setup
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A30B7FD7-04A1-46e1-ABDF-FD592C113253}" = MusicLab Virtual MIDI Driver
"{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}" = Steinberg HALion Sonic SE Content
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.4
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF382DDE-EBE2-4AD5-BA1E-4A69450D6C5B}" = Native Instruments Solid Dynamics FX
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B9AFA8A2-E972-48D2-A30B-B26302B3CE6A}" = KORG USB-MIDI Driver Tools for Windows
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6200FF8-999D-4C58-9047-08D2E065BDBB}" = Steinberg Cubase 6
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF14C576-C523-4754-A46C-F6D16EDE8A0A}" = Native Instruments Solid Bus Comp FX
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBF4BC99-53F1-4C97-84C3-7557D103E182}" = Steinberg Groove Agent ONE Vintage Beatboxes
"{DC0A50F1-AD2A-4B8C-BD9E-C047B3D8F9E5}" = Steinberg Padshop
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{EF7800A8-575E-4776-95A5-A9D904A85D5F}" = Steinberg HALion Sonic SE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"5513-1208-7298-9440" = JDownloader 0.9
"ASIO4ALL" = ASIO4ALL
"Camel Audio CamelCrusher" = Camel Audio CamelCrusher
"Canon iP4500 series Benutzerregistrierung" = Canon iP4500 series Benutzerregistrierung
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"DAEMON Tools Lite" = DAEMON Tools Lite
"eLicenser Control" = eLicenser Control
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"Heimdal" = Heimdal
"ID3-TagIT 3_is1" = ID3-TagIT 3
"InstallShield_{2DC42147-D7EB-4C30-BA4C-B4A86A4EF3B3}" = CHERRY Mouse Driver
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.1 (Full)
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"MPE" = MyPhoneExplorer
"Native Instruments Audio 8 DJ Driver" = Native Instruments Audio 8 DJ Driver
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Kontakt 5" = Native Instruments Kontakt 5
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Solid Bus Comp FX" = Native Instruments Solid Bus Comp FX
"Native Instruments Solid Dynamics FX" = Native Instruments Solid Dynamics FX
"Native Instruments Solid EQ FX" = Native Instruments Solid EQ FX
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Ogg Codecs" = Ogg Codecs 0.81.15562
"Opera 11.61.1250" = Opera 11.61
"Opera 12.02.1578" = Opera 12.02
"Opera 15.0.1147.153" = Opera Stable 15.0.1147.153
"reFX Nexus 1.0.9_is1" = reFX Nexus 1.0.9
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"RSO ExTreme Punch 3 VST" = RSO ExTreme Punch 3 VST
"RSO Vocal Magic Pro VST" = RSO Vocal Magic Pro VST
"sPlan_70_is1" = sPlan 7.0
"VLC media player" = VLC media player 1.1.11
"WaveLabPro" = WaveLab 6
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR 4.10 (32-Bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4086697998-2822087783-1139883366-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"MyFreeCodec" = MyFreeCodec
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 24.08.2013 06:00:37 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-CAPI2 | ID = 4110
Description = Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen.
Fehler: Zugriff verweigert
Error - 24.08.2013 06:00:40 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-CAPI2 | ID = 4110
Description = Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen.
Fehler: Zugriff verweigert
Error - 24.08.2013 06:00:43 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-CAPI2 | ID = 4110
Description = Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen.
Fehler: Zugriff verweigert
Error - 24.08.2013 06:00:47 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-CAPI2 | ID = 4110
Description = Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen.
Fehler: Zugriff verweigert
Error - 24.08.2013 06:00:50 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-CAPI2 | ID = 4110
Description = Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen.
Fehler: Zugriff verweigert
Error - 24.08.2013 06:00:53 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-CAPI2 | ID = 4110
Description = Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen.
Fehler: Zugriff verweigert
Error - 24.08.2013 06:00:57 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-CAPI2 | ID = 4110
Description = Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen.
Fehler: Zugriff verweigert
Error - 24.08.2013 06:01:12 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-CAPI2 | ID = 4110
Description = Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen.
Fehler: Zugriff verweigert
Error - 24.08.2013 06:08:11 | Computer Name = 5idestep-PC | Source = VSS | ID = 8194
Description =
Error - 24.08.2013 06:09:14 | Computer Name = 5idestep-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: e90 Startzeit:
01cea0b14a245650 Endzeit: 8 Anwendungspfad: C:\Users\5idestep\Desktop\OTL.exe Berichts-ID:
2a4f4c81-0ca5-11e3-8977-f8d111119bfe
[ System Events ]
Error - 14.01.2013 10:38:07 | Computer Name = 5idestep-PC | Source = WMPNetworkSvc | ID = 866297
Description =
Error - 14.01.2013 10:39:27 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 14.01.2013 11:02:16 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 14.01.2013 12:03:45 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 15.01.2013 07:37:40 | Computer Name = 5idestep-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 15.01.2013 07:37:40 | Computer Name = 5idestep-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 15.01.2013 07:37:49 | Computer Name = 5idestep-PC | Source = Application Popup | ID = 875
Description = Treiber atksgt.sys konnte nicht geladen werden.
Error - 15.01.2013 07:37:49 | Computer Name = 5idestep-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error - 15.01.2013 07:39:58 | Computer Name = 5idestep-PC | Source = WMPNetworkSvc | ID = 866297
Description =
Error - 15.01.2013 07:40:57 | Computer Name = 5idestep-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
< End of report >
|
Bitte Lesen:
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
SecurityCheck und:
