Code:
OTL logfile created on: 24.01.2013 21:16:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 45,14% Memory free
4,24 Gb Paging File | 2,51 Gb Available in Paging File | 59,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 277,50 Gb Total Space | 78,44 Gb Free Space | 28,27% Space Free | Partition Type: NTFS
Drive D: | 20,57 Gb Total Space | 12,62 Gb Free Space | 61,35% Space Free | Partition Type: FAT32
Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.01.24 21:16:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Downloads\OTL.exe
PRC - [2013.01.23 16:57:44 | 001,808,392 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.12.11 12:39:32 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.12.11 12:39:19 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.12.11 12:39:18 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.11 12:39:17 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.10.31 07:36:08 | 000,522,752 | ---- | M] (LOL Replay) -- C:\Programme\LOLReplay\LOLRecorder.exe
PRC - [2012.08.10 23:15:41 | 003,093,624 | ---- | M] () -- C:\Programme\Pando Networks\Media Booster\PMB.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.07 07:22:16 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.05.29 10:47:40 | 001,300,376 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2012.05.29 10:46:42 | 002,693,008 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.104\deploy\LoLLauncher.exe
PRC - [2012.02.16 16:16:58 | 000,144,384 | ---- | M] (Adobe Systems Inc.) -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.233\deploy\LolClient.exe
PRC - [2011.12.09 18:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Winamp\winampa.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.04.05 13:50:00 | 000,494,920 | R--- | M] (WinZip Computing, S.L.) -- C:\Programme\WinZip\WZQKPICK.EXE
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007.12.17 10:55:41 | 000,025,256 | ---- | M] () -- C:\Programme\Lexmark 2600 Series\lxdnmsdmon.exe
PRC - [2007.12.05 10:18:59 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdncoms.exe
PRC - [2007.12.05 10:18:53 | 000,098,984 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\spool\drivers\w32x86\3\lxdnserv.exe
PRC - [2007.05.10 16:10:06 | 004,468,736 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.03.29 14:20:22 | 000,786,432 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Programme\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
PRC - [2006.11.29 10:58:14 | 000,090,112 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\AutoDetector\Monitor.exe
PRC - [2001.11.12 12:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe
========== Modules (No Company Name) ==========
MOD - [2013.01.23 16:57:43 | 014,586,888 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2013.01.09 17:22:18 | 001,705,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\e67c93130bccca9ecab38df6cd2e60cb\System.ServiceModel.Web.ni.dll
MOD - [2013.01.09 17:19:21 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll
MOD - [2013.01.09 17:01:24 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1c40efd2328e271920f4b4eda38c0125\System.ServiceModel.ni.dll
MOD - [2013.01.09 17:00:30 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\895899bb8c1772f2043de17305d7eb35\System.Runtime.Serialization.ni.dll
MOD - [2013.01.09 17:00:19 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
MOD - [2013.01.09 17:00:18 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bb8af3cf69f1337efda4e810b6751b89\SMDiagnostics.ni.dll
MOD - [2013.01.09 17:00:16 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013.01.09 16:59:49 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll
MOD - [2013.01.09 16:59:36 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013.01.09 16:59:07 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\2cbdbc8bb7fcf0d7eb7a8d616e141d79\System.Core.ni.dll
MOD - [2013.01.09 16:59:02 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4d2c890606d2a3a43a90684115bfccfc\PresentationFramework.Aero.ni.dll
MOD - [2013.01.09 16:59:01 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\668c039655437b25586280e1fbff8ef0\PresentationFramework.ni.dll
MOD - [2013.01.09 16:58:41 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a8080296b18898342ce986091c08b0a4\PresentationCore.ni.dll
MOD - [2013.01.09 16:58:23 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9126f2ff9fd9c05900f67e963ccc27ef\WindowsBase.ni.dll
MOD - [2013.01.09 16:58:15 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013.01.09 16:57:32 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2012.11.28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.11.28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.10.31 07:35:50 | 000,156,160 | ---- | M] () -- C:\Programme\LOLReplay\Air.dll
MOD - [2012.10.31 07:35:36 | 000,311,808 | ---- | M] () -- C:\Programme\LOLReplay\LOLUtils.dll
MOD - [2012.09.01 12:40:36 | 000,411,648 | ---- | M] () -- C:\Programme\LOLReplay\Compression.dll
MOD - [2012.09.01 12:10:38 | 000,052,224 | ---- | M] () -- C:\Programme\LOLReplay\Launcher.dll
MOD - [2012.08.10 23:15:41 | 003,093,624 | ---- | M] () -- C:\Programme\Pando Networks\Media Booster\PMB.exe
MOD - [2012.07.07 07:22:15 | 002,042,848 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.05.29 10:47:40 | 001,300,376 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2012.05.29 10:46:42 | 002,693,008 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.104\deploy\LoLLauncher.exe
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2009.03.30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.02.18 19:39:53 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_de_b77a5c561934e089\System.Runtime.Serialization.resources.dll
MOD - [2007.12.17 10:55:41 | 000,025,256 | ---- | M] () -- C:\Programme\Lexmark 2600 Series\lxdnmsdmon.exe
MOD - [2007.12.07 22:36:27 | 000,036,864 | ---- | M] () -- C:\Programme\Lexmark 2600 Series\app4r.monitor.core.dll
MOD - [2007.12.07 22:36:27 | 000,028,672 | ---- | M] () -- C:\Programme\Lexmark 2600 Series\app4r.monitor.common.dll
MOD - [2007.12.07 22:35:14 | 000,061,440 | ---- | M] () -- C:\Programme\Lexmark 2600 Series\app4r.devmons.mcmdevmon.dll
MOD - [2007.11.22 17:55:48 | 000,011,776 | ---- | M] () -- C:\Programme\Lexmark 2600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2006.10.26 22:30:12 | 000,131,072 | R--- | M] () -- C:\Programme\REALTEK USB Wireless LAN Driver and Utility\EnumDevLib.dll
MOD - [2004.07.26 16:11:50 | 000,028,672 | ---- | M] () -- C:\Programme\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2013.01.23 16:57:44 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.12.11 12:39:32 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.12.11 12:39:18 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.07 07:22:15 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.12.05 10:18:59 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdncoms.exe -- (lxdn_device)
SRV - [2007.12.05 10:18:53 | 000,098,984 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe -- (lxdnCATSCustConnectService)
SRV - [2001.11.12 12:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\videX32.sys -- (videX32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SjyPkt.sys -- (SjyPkt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.12.11 12:39:34 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.12.11 12:39:34 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.11.14 14:18:58 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.12.25 21:33:35 | 000,050,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV - [2007.06.16 13:11:00 | 007,566,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.06.13 11:09:44 | 000,017,280 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFilter.SYS -- (KMWDFilter)
DRV - [2007.03.26 14:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ViPrt.sys -- (ViPrt)
DRV - [2007.03.26 14:26:00 | 000,016,896 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ViBus.sys -- (ViBus)
DRV - [2007.02.08 18:46:44 | 000,211,456 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007.01.08 17:43:40 | 001,136,600 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2006.12.02 05:53:32 | 000,015,360 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2006.11.17 09:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2006.11.02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.06.08 09:49:50 | 000,344,064 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt73.sys -- (RT73)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{13B38ED5-F6AA-4833-B2CA-5ACEF200FF0D}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
IE - HKCU\..\SearchScopes\{36F34217-D85C-470D-AAA9-3D323196344C}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6DE5C561-9D4A-42E7-ABD8-59A0A2E804CE}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{9B761C77-D9FA-4494-9223-3721ADF89ACC}: "URL" = hxxp://search.avg.com/route/?d=4bb3325b&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKCU\..\SearchScopes\{AC5C341E-007C-447F-872D-D24E79D5EBB0}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{E1D88547-1E03-4A0E-92C0-2AF16353879D}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: toolbar@gmx.net:2.4
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.24 19:47:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.23 17:04:18 | 000,000,000 | ---D | M]
[2009.05.06 14:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions
[2013.01.24 19:47:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\s6hv9myc.default\extensions
[2012.10.20 12:14:28 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\s6hv9myc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.07.03 22:28:20 | 000,000,000 | ---D | M] (Media Converter) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\s6hv9myc.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2010.04.01 10:23:41 | 000,000,000 | ---D | M] (MR Tech Toolkit) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\s6hv9myc.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
[2013.01.10 21:24:41 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\s6hv9myc.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.09.13 18:42:06 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\s6hv9myc.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2013.01.08 19:26:14 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\s6hv9myc.default\extensions\firefox@ghostery.com
[2013.01.04 17:14:47 | 000,347,340 | ---- | M] () (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\extensions\autopager@mozilla.org.xpi
[2013.01.18 13:28:33 | 000,492,222 | ---- | M] () (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\extensions\toolbar@gmx.net.xpi
[2012.02.11 17:52:57 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2011.04.14 19:57:50 | 000,164,858 | ---- | M] () (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi
[2013.01.05 17:15:03 | 000,220,411 | ---- | M] () (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.11.23 19:24:40 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.10.13 16:19:44 | 000,000,855 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\1und1-suche.xml
[2011.11.28 15:15:22 | 000,001,283 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\amazondotcom-de.xml
[2011.11.28 15:16:14 | 000,002,366 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\eBay-de.xml
[2011.11.03 10:32:05 | 000,002,419 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\englische-ergebnisse.xml
[2011.10.13 16:01:56 | 000,010,507 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\gmx-suche.xml
[2010.06.24 14:25:09 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-10.xml
[2010.06.27 18:54:10 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-11.xml
[2010.07.22 17:43:23 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-12.xml
[2010.07.22 18:58:17 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-13.xml
[2010.09.03 12:37:07 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-14.xml
[2010.09.19 11:04:52 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-15.xml
[2010.10.22 00:29:48 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-16.xml
[2010.10.26 14:36:43 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-17.xml
[2010.12.11 12:44:59 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-18.xml
[2010.12.23 10:07:54 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-19.xml
[2011.03.13 09:54:22 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-20.xml
[2011.03.30 19:39:24 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-21.xml
[2011.05.01 11:58:22 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-22.xml
[2011.06.23 11:42:18 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-23.xml
[2011.06.30 17:49:22 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-24.xml
[2011.08.18 22:55:04 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-25.xml
[2011.09.02 09:20:35 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-26.xml
[2011.09.07 18:46:00 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-27.xml
[2011.09.27 18:35:52 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-28.xml
[2011.10.02 18:32:14 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-29.xml
[2011.11.09 22:05:03 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-30.xml
[2011.12.08 17:34:14 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-31.xml
[2011.12.23 18:02:23 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-32.xml
[2012.01.02 14:20:00 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-33.xml
[2009.07.24 17:25:30 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-4.xml
[2009.07.24 18:25:05 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-5.xml
[2009.07.24 18:37:28 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-6.xml
[2009.07.24 22:10:55 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-7.xml
[2009.07.24 22:43:02 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-8.xml
[2009.08.05 08:43:39 | 000,000,950 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\icqplugin-9.xml
[2011.11.28 16:00:56 | 000,002,387 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\lastminute.xml
[2011.10.13 16:34:10 | 000,002,248 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\mailcom-search.xml
[2012.05.06 11:21:08 | 000,005,489 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\s6hv9myc.default\searchplugins\webde-suche.xml
[2013.01.23 17:26:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.05.06 14:53:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.07.07 07:22:16 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.12.09 18:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.02.11 17:52:11 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.11 17:52:11 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.11 17:52:11 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.11 17:52:11 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.11 17:52:11 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.11 17:52:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s File not found
O4 - HKLM..\Run: [lxdnamon] C:\Program Files\Lexmark 2600 Series\lxdnamon.exe ()
O4 - HKLM..\Run: [lxdnmon.exe] C:\Program Files\Lexmark 2600 Series\lxdnmon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Programme\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-1170-17534-28/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-1170-17534-28/4 File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C88F9EE-6C50-453A-80AF-FC4A3072BB9A}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2373DAED-E0A9-47BB-8A61-45D8AABBC563}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5547983-0077-4DBC-8F95-3A51E6352F32}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\PC\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\PC\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.23 18:42:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\ICQ
[2013.01.23 17:35:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.01.23 17:34:48 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.01.23 17:34:17 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.01.23 17:34:17 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.01.23 17:34:17 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.01.23 16:57:44 | 000,697,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.01.23 16:57:44 | 000,074,248 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.01.23 13:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.01.22 19:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.22 19:30:50 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.22 19:30:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.22 18:43:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.22 18:33:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.01.22 18:13:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.01.22 18:13:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.01.22 18:13:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.01.22 18:13:10 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.01.22 18:12:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.22 18:11:08 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.22 18:11:00 | 005,025,054 | R--- | C] (Swearware) -- C:\Users\PC\Gimp\Desktop\ComboFix.exe
[2013.01.22 01:37:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.01.15 14:03:33 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.01.11 17:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.01.11 17:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.01.11 17:47:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.01.11 17:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.01.11 17:40:38 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.01.09 13:35:47 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.01.09 13:35:09 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.12.31 13:07:59 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\LOLReplay
[2012.12.31 13:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\LOLReplay
[2010.09.02 15:05:30 | 002,736,736 | ---- | C] (Conduit Ltd.) -- C:\Program Files\tbsoft.dll
========== Files - Modified Within 30 Days ==========
[2013.01.24 20:59:26 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.24 20:03:23 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job
[2013.01.24 20:03:20 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.24 20:03:20 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.24 20:03:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.24 19:38:27 | 000,574,315 | ---- | M] () -- C:\Users\PC\Gimp\Desktop\adwcleaner(1).exe
[2013.01.23 17:39:57 | 000,000,047 | ---- | M] () -- C:\Windows\WinInit.Ini
[2013.01.23 17:39:54 | 000,088,777 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2013.01.23 17:39:04 | 000,000,941 | ---- | M] () -- C:\Windows\uninst.ini
[2013.01.23 17:34:00 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.01.23 17:33:58 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.01.23 17:33:58 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.01.23 17:33:58 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.01.23 17:33:58 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.01.23 17:33:58 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.01.23 17:11:26 | 000,000,025 | ---- | M] () -- C:\Windows\SIERRA.INI
[2013.01.23 17:04:18 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013.01.23 16:57:44 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.01.23 16:57:44 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.01.23 13:13:21 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.01.22 19:30:52 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.22 18:10:57 | 000,173,568 | ---- | M] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.22 17:08:30 | 005,025,054 | R--- | M] (Swearware) -- C:\Users\PC\Gimp\Desktop\ComboFix.exe
[2013.01.13 17:43:32 | 000,681,680 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.13 17:43:32 | 000,640,710 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.13 17:43:32 | 000,148,950 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.13 17:43:32 | 000,122,594 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.11 17:49:29 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.09 16:55:04 | 003,729,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.03 19:34:26 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.31 13:07:45 | 000,001,782 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2012.12.31 13:07:45 | 000,001,690 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
========== Files Created - No Company Name ==========
[2013.01.24 19:38:12 | 000,574,315 | ---- | C] () -- C:\Users\PC\Gimp\Desktop\adwcleaner(1).exe
[2013.01.23 17:39:57 | 000,000,047 | ---- | C] () -- C:\Windows\WinInit.Ini
[2013.01.23 17:39:04 | 000,000,941 | ---- | C] () -- C:\Windows\uninst.ini
[2013.01.23 17:04:18 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013.01.23 17:04:18 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013.01.23 16:57:44 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.23 13:13:21 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.01.22 19:30:52 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.22 18:13:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.01.22 18:13:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.01.22 18:13:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.01.22 18:13:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.01.22 18:13:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.01.11 17:49:29 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.31 13:07:45 | 000,001,782 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2012.12.31 13:07:45 | 000,001,702 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
[2012.12.31 13:07:45 | 000,001,690 | ---- | C] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2012.10.05 13:12:36 | 005,618,768 | ---- | C] () -- C:\Users\PC\com.android.vending_3.8.16.apk
[2012.08.10 21:28:01 | 000,000,051 | ---- | C] () -- C:\ProgramData\osdtngrmymcyfto
[2012.01.23 11:43:19 | 000,144,772 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.11.25 18:09:27 | 000,000,090 | ---- | C] () -- C:\Users\PC\AppData\Local\fusioncache.dat
[2010.09.02 15:05:30 | 000,006,836 | ---- | C] () -- C:\Program Files\UNWISE.INI
[2010.08.29 18:53:20 | 000,000,000 | ---- | C] () -- C:\Users\PC\AppData\Local\prvlcl.dat
[2010.04.28 19:40:44 | 000,008,576 | ---- | C] () -- C:\Users\PC\.recently-used.xbel
[2009.07.24 13:18:43 | 000,000,680 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps.dat
[2009.03.12 16:07:58 | 000,000,030 | ---- | C] () -- C:\Users\PC\AppData\Roaming\Default.PLS
[2009.03.10 17:49:00 | 000,173,568 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
Code:
OTL Extras logfile created on: 24.01.2013 21:16:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 45,14% Memory free
4,24 Gb Paging File | 2,51 Gb Available in Paging File | 59,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 277,50 Gb Total Space | 78,44 Gb Free Space | 28,27% Space Free | Partition Type: NTFS
Drive D: | 20,57 Gb Total Space | 12,62 Gb Free Space | 61,35% Space Free | Partition Type: FAT32
Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0427D948-DF45-42C3-A773-E5DCF4F978A9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{14B97494-2731-4BBB-8484-071F2B479F35}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1F68E4CE-EAEB-4B07-B2BA-27A2E19845A1}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4C922C27-27BE-4645-AE04-E7F2FAD52906}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F05053A-5FF5-4AE2-B279-567EB1AA9369}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AE1DC206-4B38-431A-B40D-E0E4DE642DCD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DD08943B-9F3E-4DC4-861A-3581751EDB0D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E605B4E7-AE2C-45E8-BA61-9820FC4E3AD5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1051E893-5B6C-4A98-8F1D-41EA01B47162}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{147A938C-1E74-45F9-8A97-0621C9EE580F}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{1CB7D9F9-8633-4BAC-B88E-8F27A84C37C8}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{1ED8FBB2-F796-4B44-98AD-38DC1B8665C7}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{2524609D-9ED6-4983-BDB3-59EFC95F927F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{31EF03E7-E382-414E-AC97-16DEEBD76EDB}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe |
"{34025260-FECE-49FC-B6E8-47BBFCD5DA37}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdntime.exe |
"{446FD513-D99B-4306-B370-07E081B1C51F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{46B48FA1-0DA9-48D2-B4F5-82B202E7832E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{48AA5ED3-F0C5-4AED-9D8E-F808818CAB65}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4B37919C-2017-4457-959F-305E63FE459E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnjswx.exe |
"{4E7B7B94-08CD-4260-8632-C1523A02B0B2}" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"{56D2AB86-4E24-439F-96D9-132A3A13D1E7}" = protocol=6 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe |
"{6E38B364-A3B2-4B41-87D1-A7B794FD9445}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnjswx.exe |
"{74035061-A957-44AA-A608-3AC9AB7EAF2B}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{778CEB29-88A9-48F5-9C1D-3C80579C0938}" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"{84E6AEBD-7E82-408D-A32F-6655240C5BD5}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{855ADAB8-84AA-4508-8A70-C858DBB6399A}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8B7425AA-72BB-4FDC-9D9F-DCA3E3B72E15}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{9443DD48-A193-453B-98FB-2E05008A8342}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{97ABC2AB-CDB8-4A67-9A00-2658DEB3105E}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{99C385EA-44A9-4565-834B-8119F9A0FA19}" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\frun.exe |
"{A2B5409E-9872-4ACD-8EA4-4B929BC96097}" = protocol=17 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe |
"{A9C74460-945A-4C0E-8FD2-B706B1ABAD1E}" = protocol=6 | dir=in | app=c:\program files\pplive\pplive.exe |
"{ACCFFE4E-0DEC-4DF1-99AC-18FD11FE53FF}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{B7E05870-063E-4503-AB64-4CD1EFE8F9C4}" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnamon.exe |
"{C363FBCE-302E-4682-8EEE-A302F7FFA4C3}" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnamon.exe |
"{CE0D546F-C8EC-412B-B9EF-6CC8192390E3}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{DB027967-794C-4D0B-9136-ED304C4506D9}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DBCA5814-543E-4718-A8C9-FD2870566B36}" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\frun.exe |
"{DF08E080-E92C-4DDC-86C6-ED96A0BACF5F}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe |
"{E168A49C-95C6-416B-9BAC-71556E3E8F75}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdntime.exe |
"{E1B2B661-47C6-44C1-8E0F-A4E6EE93D2EA}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{F357E73D-7EE1-4C39-AAC9-C388D5D3B03C}" = protocol=17 | dir=in | app=c:\program files\pplive\pplive.exe |
"{F45BD94A-BA3C-4800-B058-0BC3236EE95D}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{0B17056A-7B12-4515-A7AB-D06D3DF15437}C:\users\pc\spiele\battelfield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=c:\users\pc\spiele\battelfield vietnam\bfvietnam.exe |
"TCP Query User{0D918CD5-0DAA-46AA-9361-0D0BC8C5B191}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe |
"TCP Query User{12123A3A-FD27-4F5F-9B10-C429E67DA407}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{1533F918-39E9-458E-9A96-ADE09D5BE449}C:\users\pc\appdata\local\temp\rar$ex01.426\ipcurve\ipcurve.exe" = protocol=6 | dir=in | app=c:\users\pc\appdata\local\temp\rar$ex01.426\ipcurve\ipcurve.exe |
"TCP Query User{21104C88-EC56-4A35-999C-8569BA6105DC}C:\program files\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files\lolreplay\lolreplay.exe |
"TCP Query User{2285F3D7-162A-4ABB-A764-F6C557853A6F}C:\users\pc\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\pc\spiele\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{2508E41B-A4D2-40E8-95C3-7499BC85E94E}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{29F2DDB7-20E4-4D16-B3FF-0D59CFBAA794}C:\users\pc\appdata\local\temp\rar$ex05.173\ipcurve\ipcurve.exe" = protocol=6 | dir=in | app=c:\users\pc\appdata\local\temp\rar$ex05.173\ipcurve\ipcurve.exe |
"TCP Query User{34CF8E16-93B1-4D25-B70D-620FAA62F02F}C:\program files\rapidsolution\audials tv\bin\audialstv.exe" = protocol=6 | dir=in | app=c:\program files\rapidsolution\audials tv\bin\audialstv.exe |
"TCP Query User{42CFC478-5B12-4EC0-9B0E-4D3B78E299C8}C:\users\pc\downloads\eligium_0_92_21_13_en_dl.exe" = protocol=6 | dir=in | app=c:\users\pc\downloads\eligium_0_92_21_13_en_dl.exe |
"TCP Query User{4DF32E65-A794-4003-913E-3FA344470DCB}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{518AAC6F-2298-490A-A825-28E8D4BBE6D4}C:\program files\runes of magic\client.exe" = protocol=6 | dir=in | app=c:\program files\runes of magic\client.exe |
"TCP Query User{5B0003A5-C91C-43DE-BFC9-CDCC0C879AD6}C:\users\pc\appdata\local\temp\rar$ex00.080\ipcurve\ipcurve.exe" = protocol=6 | dir=in | app=c:\users\pc\appdata\local\temp\rar$ex00.080\ipcurve\ipcurve.exe |
"TCP Query User{69B9BC84-A72C-4D1F-A3AE-B7F40849DEF5}C:\program files\java\jre6\launch4j-tmp\jdownloader.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\jdownloader.exe |
"TCP Query User{6A895DDB-0AF3-400D-84E7-D169AE1C8692}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"TCP Query User{6BA3205C-3220-43D1-BDD2-C8A162FE1273}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{784B5906-C441-4094-A7B4-E4AC001F9503}C:\users\pc\desktop\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\pc\desktop\call of duty 2\cod2mp_s.exe |
"TCP Query User{7CC9A123-19DC-45B4-93BB-734FBA2ADC0D}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"TCP Query User{7E61C7AC-2D43-44C3-BB6A-AA02DEFFD191}C:\users\pc\spiele\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\pc\spiele\call of duty 2\cod2mp_s.exe |
"TCP Query User{81F5D36E-2EDE-4950-A8F7-EF57A4F7E0B1}C:\users\pc\spiele\fucksteamcss\hl2.exe" = protocol=6 | dir=in | app=c:\users\pc\spiele\fucksteamcss\hl2.exe |
"TCP Query User{8465216C-699C-4049-970C-AA252E8341B5}C:\users\pc\downloads\fogdownloader-rom_3_0_1_2153.exe" = protocol=6 | dir=in | app=c:\users\pc\downloads\fogdownloader-rom_3_0_1_2153.exe |
"TCP Query User{920F2AEE-1B6C-4F3A-B00C-C13F8F936F1B}C:\users\pc\desktop\fucksteamcss\hl2.exe" = protocol=6 | dir=in | app=c:\users\pc\desktop\fucksteamcss\hl2.exe |
"TCP Query User{959D0B6A-C1F0-45C1-89E6-B56C75786E23}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{9EF45619-B7F4-4B5F-AF8E-B7A7F64127C0}C:\program files\icq7.4\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"TCP Query User{A611F459-4995-40B7-A660-362C4B85BED8}C:\users\pc\spiele\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\users\pc\spiele\left 4 dead 2\left4dead2.exe |
"TCP Query User{A7BBA9BA-0EC2-41D9-969C-CC66B2566484}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{B6F8011B-7536-4D49-853B-2AF3F5A9106F}C:\program files\lexmark 2600 series\lxdnlscn.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnlscn.exe |
"TCP Query User{E05F25E3-6B06-4EEC-82CC-9144ADEB6C9B}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{F5CF5851-3BFA-4B78-B040-EC4C3657DD26}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{0D02B197-1151-41AF-A8F2-699D090C09A7}C:\users\pc\spiele\battelfield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=c:\users\pc\spiele\battelfield vietnam\bfvietnam.exe |
"UDP Query User{0EBAEA22-DD04-4B74-80FF-9A8873CF80EB}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{176C23F7-32B9-4B06-9574-D806360B5B09}C:\users\pc\spiele\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\pc\spiele\call of duty 2\cod2mp_s.exe |
"UDP Query User{297FF978-7849-44B1-B893-A2A7A3E7DEBF}C:\program files\rapidsolution\audials tv\bin\audialstv.exe" = protocol=17 | dir=in | app=c:\program files\rapidsolution\audials tv\bin\audialstv.exe |
"UDP Query User{37040FD9-34D4-4806-B7BD-8E017BCA84CF}C:\users\pc\appdata\local\temp\rar$ex01.426\ipcurve\ipcurve.exe" = protocol=17 | dir=in | app=c:\users\pc\appdata\local\temp\rar$ex01.426\ipcurve\ipcurve.exe |
"UDP Query User{4256BC2A-16C0-438B-BED3-62BCCEC887DD}C:\program files\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files\lolreplay\lolreplay.exe |
"UDP Query User{4348FC16-EDE1-4F24-B192-CA12491D079B}C:\users\pc\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\pc\spiele\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{44B1703E-C882-4E8D-8E8C-E2C97F341E13}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{4DCE5682-917E-4ED0-9315-C4FB55DC0385}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{582F68BC-6C45-4575-B534-1CE080867DB0}C:\users\pc\desktop\fucksteamcss\hl2.exe" = protocol=17 | dir=in | app=c:\users\pc\desktop\fucksteamcss\hl2.exe |
"UDP Query User{5E342AD0-C2AD-4F8F-8C9D-19ECFE274435}C:\program files\java\jre6\launch4j-tmp\jdownloader.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\jdownloader.exe |
"UDP Query User{686018BA-06CA-412A-BC11-5F90A2D2DFC7}C:\program files\lexmark 2600 series\lxdnlscn.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnlscn.exe |
"UDP Query User{6A78DFD5-8875-428F-80EF-4BEC23563388}C:\program files\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"UDP Query User{713ED677-C9A2-435D-96DF-9A97A9E43F45}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{7734F37D-02E6-4D65-9251-1AC447F9B3B4}C:\users\pc\spiele\fucksteamcss\hl2.exe" = protocol=17 | dir=in | app=c:\users\pc\spiele\fucksteamcss\hl2.exe |
"UDP Query User{7DF903A5-1DF3-4591-99E7-A47C621F6F4F}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{8772A69B-CF8F-4AF2-A61B-BB5B60F3CBF9}C:\users\pc\appdata\local\temp\rar$ex00.080\ipcurve\ipcurve.exe" = protocol=17 | dir=in | app=c:\users\pc\appdata\local\temp\rar$ex00.080\ipcurve\ipcurve.exe |
"UDP Query User{93B821B7-8ED8-4F31-9EB0-333D12EDF036}C:\users\pc\downloads\fogdownloader-rom_3_0_1_2153.exe" = protocol=17 | dir=in | app=c:\users\pc\downloads\fogdownloader-rom_3_0_1_2153.exe |
"UDP Query User{A8CBF5E0-1B40-49C7-9F01-C3FB743B5E88}C:\users\pc\spiele\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\pc\spiele\left 4 dead 2\left4dead2.exe |
"UDP Query User{ACC0E1E7-F932-4963-8F1D-E6501A50B989}C:\users\pc\downloads\eligium_0_92_21_13_en_dl.exe" = protocol=17 | dir=in | app=c:\users\pc\downloads\eligium_0_92_21_13_en_dl.exe |
"UDP Query User{BE997DEB-0796-42BD-8037-C699B34B7786}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{C0000B8B-BD03-4DE5-B1C5-32E85AC2704E}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{D10FE592-804C-47A9-A441-71A8896D7302}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"UDP Query User{D445D4DE-D1EA-430A-A6A4-AF8CD7003E6D}C:\program files\runes of magic\client.exe" = protocol=17 | dir=in | app=c:\program files\runes of magic\client.exe |
"UDP Query User{D800D083-26BB-48A8-84BA-EBB3A082F0C0}C:\users\pc\desktop\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\pc\desktop\call of duty 2\cod2mp_s.exe |
"UDP Query User{DAE3A862-E41B-4347-8C4D-CA550E73BAAC}C:\users\pc\appdata\local\temp\rar$ex05.173\ipcurve\ipcurve.exe" = protocol=17 | dir=in | app=c:\users\pc\appdata\local\temp\rar$ex05.173\ipcurve\ipcurve.exe |
"UDP Query User{ED9A1B5F-44F0-4470-A583-003EAC4B5D4D}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{F776F89F-B245-46C7-97CA-F78182552896}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{F9B53CE1-95CE-47DC-AAFD-F0485A146C88}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B973521-269F-11E1-8ED3-F04DA23A5C58}" = MSVCRT Redists
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{30D3D974-A770-4EF7-83EC-D56081450FFA}" = Lernwerkstatt 5
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69F0CEA4-43E2-4CBB-92DF-41860A40A631}" = Formelrechner
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777afb2a-98e5-4f14-b455-378a925cae15}.sdb" = CVE-2012-4969
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7886D87-ADA4-46A0-8A8D-02AB16B9F95A}" = Borland Delphi 6
"{BE686891-3C56-4714-AFEF-341A7867BA80}" = REALTEK USB Wireless LAN Driver and Utility
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.5026)
"{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}.vc_x86runtime_30729_5026" = Visual C++ 2008 x86 Runtime - v9.0.30729.5026
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink Wireless LAN Card
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"4StoryDE_is1" = 4Story 3.4
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Derive5" = Derive 5
"DivX Setup" = DivX-Setup
"Guitar Explorer 1.0" = Guitar Explorer 1.0
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HyperCam 3" = HyperCam 3
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"Lexmark 2600 Series" = Lexmark 2600 Series
"Lexmark Fax Solutions" = Lexmark Fax-Lösungen
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"SystemRequirementsLab" = System Requirements Lab
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
"VLC media player" = VLC media player 1.1.4
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"X10Hardware" = X10 Hardware(TM)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.01.2013 13:19:16 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 23.01.2013 13:19:16 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 23.01.2013 13:21:07 | Computer Name = PC-PC | Source = VSS | ID = 8194
Description =
Error - 23.01.2013 13:21:08 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 24.01.2013 14:47:13 | Computer Name = PC-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.01.2013 14:47:37 | Computer Name = PC-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.01.2013 14:47:37 | Computer Name = PC-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.01.2013 14:47:37 | Computer Name = PC-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.01.2013 14:47:37 | Computer Name = PC-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.01.2013 14:47:37 | Computer Name = PC-PC | Source = Windows Search Service | ID = 3013
Description =
[ System Events ]
Error - 23.01.2013 11:59:16 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 23.01.2013 11:59:16 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 23.01.2013 13:41:24 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 23.01.2013 13:41:24 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 24.01.2013 14:31:42 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 24.01.2013 14:31:42 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 24.01.2013 14:51:13 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 24.01.2013 14:51:13 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 24.01.2013 15:03:53 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 24.01.2013 15:03:53 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
|
