Schennipha | 07.11.2010 15:12 | Sooo... Hier also der vollständige Scan: Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 5064
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975
07.11.2010 10:25:36
mbam-log-2010-11-07 (10-25-36).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 382966
Laufzeit: 2 Stunde(n), 2 Minute(n), 32 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\System Volume Information\SystemRestore\FRStaging\Users\Jenny\AppData\Roaming\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\Users\***\AppData\Roaming\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully. Sind inzwischen nur noch zwei gewesen, ist hoffentlich ein gutes Zeichen?
Hier das OTL-Logfile: Code:
OTL logfile created on: 07.11.2010 14:56:42 - Run 3
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,78 Gb Total Space | 46,08 Gb Free Space | 20,69% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,12 Gb Free Space | 61,15% Space Free | Partition Type: NTFS
Drive H: | 298,02 Gb Total Space | 162,72 Gb Free Space | 54,60% Space Free | Partition Type: FAT32
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Dell Support Center\gs_agent\dsc.exe (SupportSoft, Inc.)
PRC - C:\Programme\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Programme\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
PRC - C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)
========== Modules (SafeList) ==========
MOD - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (UPnPService) -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
========== Driver Services (SafeList) ==========
DRV - (WtSmpFlt) -- C:\Windows\System32\DRIVERS\wtsmpflt.sys File not found
DRV - (wtsmpadap) -- C:\Windows\System32\DRIVERS\wtsmpadap.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys File not found
DRV - (LVRS) -- C:\Windows\System32\DRIVERS\lvrs.sys File not found
DRV - (LVMVDrv) -- C:\Windows\System32\DRIVERS\LVMVDrv.sys File not found
DRV - (LVcKap) -- C:\Windows\System32\DRIVERS\LVcKap.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (BCM42RLY) -- C:\Windows\System32\drivers\BCM42RLY.sys File not found
DRV - (99093622) -- C:\Windows\System32\DRIVERS\99093622.sys File not found
DRV - (98597511) -- C:\Windows\System32\DRIVERS\98597511.sys File not found
DRV - (uti5ndy0) -- C:\Windows\System32\drivers\uti5ndy0.sys ()
DRV - (LVUVC) Logitech QuickCam Pro 9000(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (98597512) -- C:\Windows\system32\DRIVERS\98597512.sys (Kaspersky Lab)
DRV - (77506082) -- C:\Windows\system32\DRIVERS\77506082.sys (Kaspersky Lab)
DRV - (71022332) -- C:\Windows\system32\DRIVERS\71022332.sys (Kaspersky Lab)
DRV - (07598482) -- C:\Windows\system32\DRIVERS\07598482.sys (Kaspersky Lab)
DRV - (setup_9.0.0.722_05.11.2010_22-12drv) -- C:\Windows\System32\drivers\7750608.sys (Kaspersky Lab)
DRV - (99093621) -- C:\Windows\System32\drivers\99093621.sys (Kaspersky Lab)
DRV - (77506081) -- C:\Windows\System32\drivers\77506081.sys (Kaspersky Lab)
DRV - (71022331) -- C:\Windows\System32\drivers\71022331.sys (Kaspersky Lab)
DRV - (07598481) -- C:\Windows\System32\drivers\07598481.sys (Kaspersky Lab)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (PID_0928) Logitech QuickCam Express(PID_0928) -- C:\Windows\System32\drivers\LV561AV.SYS (Logitech Inc.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corp.)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (O2SDRDR) -- C:\Windows\System32\drivers\o2sd.sys (O2Micro )
DRV - (O2MDRDR) -- C:\Windows\System32\drivers\o2media.sys (O2Micro )
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (VST_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (VSTHWBS2) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (s117obex) -- C:\Windows\System32\drivers\s117obex.sys (MCCI Corporation)
DRV - (s117mdm) -- C:\Windows\System32\drivers\s117mdm.sys (MCCI Corporation)
DRV - (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s117mgmt.sys (MCCI Corporation)
DRV - (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM) -- C:\Windows\System32\drivers\s117unic.sys (MCCI Corporation)
DRV - (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS) -- C:\Windows\System32\drivers\s117nd5.sys (MCCI Corporation)
DRV - (s117mdfl) -- C:\Windows\System32\drivers\s117mdfl.sys (MCCI Corporation)
DRV - (s117bus) Sony Ericsson Device 117 driver (WDM) -- C:\Windows\System32\drivers\s117bus.sys (MCCI Corporation)
DRV - (PCAMp50) -- C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PCASp50) -- C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\Windows\System32\drivers\k750bus.sys (MCCI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=6080702
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=6080702
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6E 8C 6F C2 F8 7D CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={947DCE2B-C81E-EE19-3397-AA1C3D2D8433}&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010.03.06 14:07:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.20 13:11:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.20 13:11:50 | 000,000,000 | ---D | M]
[2009.02.07 02:21:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2009.02.07 02:21:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010.10.26 21:42:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\j9cwjmtr.default\extensions
[2010.11.05 21:23:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\j9cwjmtr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.05 21:23:52 | 000,000,000 | ---D | M] (My Web Tattoo (Fast Browser Search)) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\j9cwjmtr.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2009.08.10 11:38:06 | 000,005,407 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\j9cwjmtr.default\searchplugins\fast-browser-search.xml
[2009.05.06 21:29:37 | 000,001,632 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\j9cwjmtr.default\searchplugins\live-search.xml
[2010.10.25 19:31:04 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.05 20:49:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.25 19:31:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.09.21 08:48:28 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.21 08:48:28 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.21 08:48:28 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.21 08:48:28 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.21 08:48:28 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Programme\ArcSoft\MediaConverter 2.5 for Philips\Stream Ripper\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_05.11.2010_22-12.lnk = C:\Users\***\Desktop\Virus Removal Tool4\setup_9.0.0.722_05.11.2010_22-12\startup.exe ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Computer)
O15 - HKCU\..Trusted Ranges: GD ([http] in Computer)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} hxxp://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUplden-us.cab (MSN Photo Upload Tool)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1221907588 (Image Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1216076313 (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0858ccca-d557-11df-9e5d-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{0858ccca-d557-11df-9e5d-001c2357f659}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{3856cf60-2063-11df-96fb-00ade1ac1c1a}\Shell - "" = AutoRun
O33 - MountPoints2\{3856cf60-2063-11df-96fb-00ade1ac1c1a}\Shell\AutoRun\command - "" = H:\Start.exe -- File not found
O33 - MountPoints2\{3856cf63-2063-11df-96fb-001e101f7f74}\Shell - "" = AutoRun
O33 - MountPoints2\{3856cf63-2063-11df-96fb-001e101f7f74}\Shell\AutoRun\command - "" = H:\Start.exe -- File not found
O33 - MountPoints2\{6c357368-c8ae-11de-9a43-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{6c357368-c8ae-11de-9a43-001c2357f659}\Shell\AutoRun\command - "" = F:\LEFT-DOWN-AUTORUN-2.EXE -- File not found
O33 - MountPoints2\{6da92a9d-2060-11df-8670-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6da92a9d-2060-11df-8670-806e6f6e6963}\Shell\AutoRun\command - "" = H:\Start.exe -- File not found
O33 - MountPoints2\{6da92b0d-2060-11df-8670-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{6da92b0d-2060-11df-8670-001c2357f659}\Shell\AutoRun\command - "" = H:\Start.exe -- File not found
O33 - MountPoints2\{85257fc9-d532-11df-b35f-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{85257fc9-d532-11df-b35f-001c2357f659}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{85257fd7-d532-11df-b35f-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{85257fd7-d532-11df-b35f-001c2357f659}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{85257fd8-d532-11df-b35f-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{85257fd8-d532-11df-b35f-001c2357f659}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{a2f41d9c-d9f2-11df-afff-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{a2f41d9c-d9f2-11df-afff-001c2357f659}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{aad71efc-2b2e-11de-83a6-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{aad71efc-2b2e-11de-83a6-001c2357f659}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
O33 - MountPoints2\{c28654b5-d2a1-11de-b0a9-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{c28654b5-d2a1-11de-b0a9-001c2357f659}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{d02c1c5e-d638-11df-8ed8-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{d02c1c5e-d638-11df-8ed8-001c2357f659}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{d02c1c60-d638-11df-8ed8-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{d02c1c60-d638-11df-8ed8-001c2357f659}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{d725d863-205e-11df-ad76-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{d725d863-205e-11df-ad76-001c2357f659}\Shell\AutoRun\command - "" = H:\Start.exe -- File not found
O33 - MountPoints2\{e2373949-d5f7-11df-b2b3-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{e2373949-d5f7-11df-b2b3-001c2357f659}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{e237394a-d5f7-11df-b2b3-001c2357f659}\Shell - "" = AutoRun
O33 - MountPoints2\{e237394a-d5f7-11df-b2b3-001c2357f659}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Start.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.11.06 23:07:00 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.11.06 23:06:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.06 23:06:43 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.06 23:06:43 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.11.06 23:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.06 22:45:01 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\7750608.sys
[2010.11.06 22:45:01 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\77506081.sys
[2010.11.06 22:45:01 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\77506082.sys
[2010.11.06 22:45:01 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Virus Removal Tool4
[2010.11.06 22:13:17 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\9859751.sys
[2010.11.06 22:13:17 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\98597512.sys
[2010.11.06 22:13:17 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Virus Removal Tool3
[2010.11.06 22:04:51 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\7102233.sys
[2010.11.06 22:04:51 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\71022331.sys
[2010.11.06 22:04:51 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\71022332.sys
[2010.11.06 11:22:34 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Virus Removal Tool2
[2010.11.06 00:52:08 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\9909362.sys
[2010.11.06 00:52:08 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\99093621.sys
[2010.11.06 00:52:07 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Virus Removal Tool1
[2010.11.05 21:50:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.11.05 21:47:58 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\0759848.sys
[2010.11.05 21:47:58 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\07598481.sys
[2010.11.05 21:47:58 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\07598482.sys
[2010.11.05 21:47:57 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Virus Removal Tool
[2010.11.03 10:07:13 | 000,000,000 | ---D | C] -- C:\sj646
[2010.10.27 14:11:38 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.10.27 14:11:37 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.27 14:11:37 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.10.25 19:31:02 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.10.25 19:31:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.10.25 19:31:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.10.25 17:42:55 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Nero
[2010.10.24 20:57:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\logishrd
[2010.10.24 20:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2010.10.24 20:56:46 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\LWS
[2010.10.20 15:34:39 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\rsdownloads
[2010.10.20 15:34:18 | 000,000,000 | ---D | C] -- C:\Programme\RSDownloader 2.3
[2010.10.20 15:20:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\kikin
[2010.10.20 15:20:41 | 000,000,000 | ---D | C] -- C:\Programme\kikin
[2010.10.20 13:59:01 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\LimeWire
[2010.10.20 13:56:40 | 000,000,000 | ---D | C] -- C:\Programme\LimeWire
[2010.10.13 22:08:59 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.13 22:08:34 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.13 22:08:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.10.13 22:07:27 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.13 22:07:24 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.13 22:07:24 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.13 22:07:23 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.13 22:07:23 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.13 22:07:23 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.13 22:07:23 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.13 22:07:23 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.13 22:07:23 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.13 22:07:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.13 22:07:23 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.13 22:07:23 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.13 22:07:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.13 22:07:22 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.13 22:07:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.13 22:07:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.13 22:07:22 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.13 22:07:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.13 22:07:18 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.13 22:07:18 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.13 22:07:11 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.13 22:07:10 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.13 22:07:09 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.12 22:09:36 | 000,000,000 | ---D | C] -- C:\Programme\Zattoo4
[2010.10.12 21:18:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\LogiShrd
[2010.10.12 21:16:54 | 000,000,000 | ---D | C] -- C:\Programme\Logitech
[2010.10.11 18:57:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2010.10.11 14:14:24 | 000,000,000 | ---D | C] -- C:\HP LJ1320 PCL6 Driver
[2010.10.11 13:34:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Vodafone
[2010.10.11 13:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2010.10.11 13:33:39 | 000,000,000 | ---D | C] -- C:\Programme\Vodafone
[2010.10.11 13:33:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{D53238E8-3427-491E-A57E-097FA966AAC1}
========== Files - Modified Within 30 Days ==========
[2010.11.07 14:52:12 | 000,000,435 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010.11.07 14:17:06 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.07 13:40:33 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.11.07 13:22:17 | 000,181,433 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.11.07 13:22:17 | 000,181,433 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.11.07 13:19:22 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.07 13:19:22 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.07 13:19:22 | 000,127,464 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.07 13:19:22 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.07 13:18:01 | 000,023,552 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.07 13:12:23 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.07 13:12:23 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.07 13:12:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.07 13:12:11 | 3217,522,688 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.07 10:29:11 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.11.06 23:06:47 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.06 22:49:45 | 000,007,168 | ---- | M] () -- C:\Windows\System32\drivers\uti5ndy0.sys
[2010.11.06 22:46:28 | 000,002,204 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_05.11.2010_22-12.lnk
[2010.11.05 19:44:35 | 000,206,321 | ---- | M] () -- C:\Users\***\Documents\USB
[2010.11.05 17:19:33 | 000,355,893 | ---- | M] () -- C:\Users\***\Documents\lp_gy_franz%F6sisch_2009.pdf
[2010.11.05 17:17:42 | 000,365,730 | ---- | M] () -- C:\Users\***\Documents\lp_gy_deutsch_2009.pdf
[2010.11.05 12:31:54 | 000,142,693 | ---- | M] () -- C:\Users\***\Ipa-chart-all-1000px.png
[2010.11.03 00:28:42 | 000,000,138 | ---- | M] () -- C:\Users\***\AppData\Roaming\default.rss
[2010.11.03 00:04:38 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.01 09:46:48 | 000,000,000 | ---- | M] () -- C:\Windows\System32\null
[2010.10.25 15:21:23 | 000,046,080 | ---- | M] () -- C:\Users\***\Only Hope.doc
[2010.10.24 21:55:37 | 000,067,288 | ---- | M] () -- C:\Users\***\Handzettel_Umzugsbeihilfe.pdf
[2010.10.24 15:01:43 | 000,107,405 | ---- | M] () -- C:\Users\***\1620184189-foxi-comic.9.jpg
[2010.10.23 18:24:17 | 000,024,977 | ---- | M] () -- C:\Users\***\satzung_zweitwohnungssteuer.pdf
[2010.10.23 18:24:12 | 000,085,623 | ---- | M] () -- C:\Users\***\Anmeldung.pdf
[2010.10.23 18:24:06 | 000,074,724 | ---- | M] () -- C:\Users\***\Handzettel_Info_Zweitwohnungssteuer.pdf
[2010.10.23 18:18:11 | 000,094,022 | ---- | M] () -- C:\Users\***\Wohngeldantrag_Mietzuschuss_und_Lastenzuschuss.pdf
[2010.10.20 19:04:23 | 000,048,821 | ---- | M] () -- C:\Users\***\Documents\simyo rechnung september.pdf
[2010.10.20 11:53:11 | 000,151,569 | ---- | M] () -- C:\Users\***\simyokündigung.docx
[2010.10.19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.10.17 18:48:36 | 000,366,637 | ---- | M] () -- C:\Users\***\verbundtarif.pdf
[2010.10.14 16:14:11 | 000,408,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.12 13:46:19 | 000,001,212 | ---- | M] () -- C:\Users\***\Documents\report.htm
[2010.10.11 20:10:52 | 000,077,328 | ---- | M] () -- C:\Users\***\Documents\USB1
[2010.10.11 18:19:41 | 000,240,707 | ---- | M] () -- C:\Users\***\2010-10-11-1075613702_04-RG.pdf
[2010.10.11 13:51:32 | 000,009,208 | ---- | M] () -- C:\Users\***\Kontoumsaetze_703_752653600_20101011_145102.pdf
[2010.10.10 20:44:20 | 000,000,162 | -H-- | M] () -- C:\Users\***\Desktop\~$undenplan.docx
========== Files Created - No Company Name ==========
[2010.11.06 23:06:47 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.06 22:07:28 | 000,002,204 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_05.11.2010_22-12.lnk
[2010.11.06 11:26:32 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\uti5ndy0.sys
[2010.11.05 20:14:08 | 000,010,891 | ---- | C] () -- C:\Users\***\hijackthis.log
[2010.11.05 19:50:38 | 000,272,341 | ---- | C] () -- C:\Users\***\Setup.xml
[2010.11.05 17:19:33 | 000,355,893 | ---- | C] () -- C:\Users\***\Documents\lp_gy_franz%F6sisch_2009.pdf
[2010.11.05 17:17:42 | 000,365,730 | ---- | C] () -- C:\Users\***\Documents\lp_gy_deutsch_2009.pdf
[2010.11.05 12:31:53 | 000,142,693 | ---- | C] () -- C:\Users\***\Ipa-chart-all-1000px.png
[2010.11.03 23:26:59 | 000,023,552 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.25 15:21:22 | 000,046,080 | ---- | C] () -- C:\Users\***\Only Hope.doc
[2010.10.24 21:55:37 | 000,067,288 | ---- | C] () -- C:\Users\***\Handzettel_Umzugsbeihilfe.pdf
[2010.10.24 15:01:42 | 000,107,405 | ---- | C] () -- C:\Users\***\1620184189-foxi-comic.9.jpg
[2010.10.23 18:24:17 | 000,024,977 | ---- | C] () -- C:\Users\***\satzung_zweitwohnungssteuer.pdf
[2010.10.23 18:24:12 | 000,085,623 | ---- | C] () -- C:\Users\***\Anmeldung.pdf
[2010.10.23 18:24:06 | 000,074,724 | ---- | C] () -- C:\Users\***\Handzettel_Info_Zweitwohnungssteuer.pdf
[2010.10.23 18:18:11 | 000,094,022 | ---- | C] () -- C:\Users\***\Wohngeldantrag_Mietzuschuss_und_Lastenzuschuss.pdf
[2010.10.20 19:04:23 | 000,048,821 | ---- | C] () -- C:\Users\***\Documents\simyo rechnung september.pdf
[2010.10.20 11:53:11 | 000,151,569 | ---- | C] () -- C:\Users\***\simyokündigung.docx
[2010.10.17 18:48:36 | 000,366,637 | ---- | C] () -- C:\Users\***\verbundtarif.pdf
[2010.10.12 13:46:19 | 000,001,212 | ---- | C] () -- C:\Users\***\Documents\report.htm
[2010.10.11 20:08:03 | 000,077,328 | ---- | C] () -- C:\Users\***\Documents\USB1
[2010.10.11 18:19:41 | 000,240,707 | ---- | C] () -- C:\Users\***\2010-10-11-1075613702_04-RG.pdf
[2010.10.11 13:51:25 | 000,009,208 | ---- | C] () -- C:\Users\***\Kontoumsaetze_703_752653600_20101011_145102.pdf
[2010.10.10 20:44:20 | 000,000,162 | -H-- | C] () -- C:\Users\***\Desktop\~$undenplan.docx
[2010.10.08 18:00:58 | 000,206,321 | ---- | C] () -- C:\Users\***\Documents\USB
[2010.10.04 21:14:50 | 000,000,138 | ---- | C] () -- C:\Users\***\AppData\Roaming\default.rss
[2010.09.19 21:27:39 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.07.27 07:03:20 | 010,829,656 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010.07.27 07:03:18 | 000,290,648 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010.07.27 06:56:04 | 000,090,411 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010.05.31 12:16:10 | 000,031,007 | ---- | C] () -- C:\Users\***\AppData\Roaming\UserTile.png
[2010.05.07 17:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010.05.07 17:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2010.03.03 18:23:31 | 000,058,792 | ---- | C] () -- C:\Windows\System32\wbload.dll
[2010.02.23 10:50:31 | 000,168,292 | ---- | C] () -- C:\ProgramData\gui.log
[2010.01.28 22:31:44 | 000,000,103 | ---- | C] () -- C:\Windows\cedt.INI
[2010.01.24 18:17:39 | 002,340,746 | ---- | C] () -- C:\Programme\Setup.exe
[2010.01.24 18:17:39 | 000,000,715 | ---- | C] () -- C:\Programme\README.txt
[2010.01.24 18:17:39 | 000,000,050 | ---- | C] () -- C:\Programme\Autorun.inf
[2010.01.09 23:32:09 | 000,000,544 | ---- | C] () -- C:\Users\***\AppData\Roaming\ClipGet-FlvConverterDefaultSettings.xml
[2010.01.09 22:38:34 | 000,000,025 | ---- | C] () -- C:\Users\***\AppData\Roaming\ClipGet-UpdatePerformed.txt
[2010.01.09 22:38:19 | 000,000,234 | ---- | C] () -- C:\Users\***\AppData\Roaming\ClipGet-Activation.info
[2010.01.09 22:25:58 | 000,000,993 | R--- | C] () -- C:\Windows\sam40.ini
[2009.12.29 19:20:23 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2009.12.29 19:16:10 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.12.29 19:15:25 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.10.21 12:38:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.18 20:24:01 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.08.18 20:14:31 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.06.13 20:08:09 | 000,008,788 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009.05.29 02:49:12 | 000,051,712 | ---- | C] () -- C:\Windows\System32\coodest.dll
[2009.05.16 18:48:24 | 000,000,540 | ---- | C] () -- C:\Users\***\AppData\Roaming\AutoGK.ini
[2009.04.16 23:47:53 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.01.25 22:10:48 | 000,179,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.01.09 00:01:22 | 000,629,760 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.09.19 22:57:34 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.09.14 12:53:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.07.05 11:37:07 | 000,181,433 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.07.05 11:19:34 | 000,181,433 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.07.01 15:29:35 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008.06.23 12:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.05.23 16:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.08 23:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
========== LOP Check ==========
[2010.05.05 19:04:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Broad Intelligence
[2010.06.02 18:14:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Composer
[2010.11.07 10:25:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Desktopicon
[2010.06.23 18:23:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FT4u
[2010.05.12 17:45:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gnupg
[2009.05.16 18:59:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HandBrake
[2009.10.23 17:44:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Helios
[2010.10.25 19:45:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\kikin
[2008.11.16 14:16:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2009.12.29 19:25:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2008.07.07 12:36:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mobipocket
[2009.05.16 18:14:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Philips
[2008.11.03 13:42:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PlayFirst
[2010.06.02 18:14:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Research In Motion
[2010.06.12 11:55:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Samsung
[2009.10.02 23:06:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony
[2010.10.11 13:34:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Vodafone
[2010.11.07 10:29:11 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:EA031481
< End of report > Und hier noch das Zweite: Code:
OTL Extras logfile created on: 07.11.2010 14:56:42 - Run 3
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,78 Gb Total Space | 46,08 Gb Free Space | 20,69% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,12 Gb Free Space | 61,15% Space Free | Partition Type: NTFS
Drive H: | 298,02 Gb Total Space | 162,72 Gb Free Space | 54,60% Space Free | Partition Type: FAT32
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022E7BEC-87E2-40AB-857D-BCB13D723DDC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{11DC606E-1E92-438B-9C75-D797B7A2E05F}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{254FD17D-5863-4A8B-B13D-D447866DCE09}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{34B4D0A0-9035-4F0D-8848-4AC563934897}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4330A08A-8A08-44FA-9AAB-86974A0D817A}" = rport=2869 | protocol=6 | dir=out | app=system |
"{753F1952-84C8-46E1-9B8F-B21132826AA3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{86CDF347-FA6E-40AB-8E3C-C6D65E70B343}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{8750A43F-D5B5-497E-80DF-49DFC3EA7751}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A0C3B168-BBDE-4009-BB5F-E262C79D96E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{CEB56707-974B-47C8-9362-421A9FF64340}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F4B73BA3-E5FF-4866-8B88-32DB7B58A184}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F5BB23C4-AFC8-4C9F-877A-DCD42605BD54}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C66F6A-BF9F-40EE-BA6F-AD2DB6ED4143}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{0CAEE8D4-A95B-483B-8EB2-2FFC61D07599}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0CB9C369-3A14-4486-8C12-1F59DCF4B017}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{0D194112-0887-4033-A60B-C159040BCD9E}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{10C2669F-4704-4861-B9EE-86A8E837492A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{10FF01D0-B4D6-470A-8E4E-C781472E4AA8}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{11E47B62-A53F-4A5E-B048-514806776B28}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{11F6E7D4-C1FE-4D08-93AE-A076AC0C7840}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{148656FA-91BE-4444-B871-5AA3A7FE62AC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{19D0DC2A-73C5-47D0-9F3C-008D9877ED54}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{1D5597A6-6DA4-4BC8-A7A0-E73761143DCF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{1E2EA504-0D25-4D6E-A5A7-5CC9125D7C85}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{1F92D4F6-DF6F-48A6-A8E3-24DD7062EFEE}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{1FFBF05C-DA53-4629-BE46-FE538B824D03}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{29CF9D6C-CB66-4369-9232-1E159A722E4A}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{389003A1-9C93-4AB7-B6E0-203DDC71CBC6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{39F2B4A6-CE1E-4D44-B6AC-E897F9151CAA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{43D17B44-677B-43E2-BDFE-CB65CB75256E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{48EF5BE1-DFAB-45CF-9C18-73EFE50DD41A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{4A423266-8499-4933-BE46-14B9CD812513}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{4CFD0F57-00BF-4878-9FE4-32F89FBA26B2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5365C6FA-9B8E-48DD-ADEB-9F78E20B0E34}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{53D0FBCE-0A78-468A-B94B-E099B8718505}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{66EA2E66-49B1-4CD5-AA7F-BC58D3C5E30A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6BAB3620-C939-4DDB-9CEF-9A7C23BAA0C0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6C2C69CD-F22E-440B-8BAE-DED113DA0C8F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6D8945B6-88E0-4CE8-9B70-2024251FB44C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{703F9835-7205-44C9-AF6B-A42941DE0559}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7FC02CDB-0E8D-4DB2-8F48-3915DFDB885B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{8058373A-17CA-4D3E-AA4B-D8500160D55C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{87210791-E125-4669-B2D5-506A55D79F32}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{87A0878B-46ED-460A-8BC4-E8AECF4BD3F0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8E6866EC-2566-429B-85CC-A7CE5B817EEC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{93D97B5A-5F93-451A-8216-C4C76E65425E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9634EAEA-60AE-49A1-9E10-4E59D133EC92}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{ABC3AC32-C4E8-4D83-9EBD-B4D711E40B65}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{AC75A154-778C-4E23-AFB3-F71DA38E20DD}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AD0189F7-03AB-4F22-AB93-C4B42F140A0B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B9F8DC02-36EB-4B3C-8D93-8FB8840332B5}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{BC4E76EE-437B-4ABE-8A65-CB96F560CFDB}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{C23A8E9C-A79A-4D5E-9D63-154E792E0976}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C2B61451-FF6F-49E5-8736-AA4AE324487A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{C7CF1B69-286D-46F2-9C2F-C90FF1D290AB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CE885834-53FE-4853-835C-B1DF00F59B8B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{D0C4C673-8AC5-494D-B6CE-960FC231890D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D0FF4806-FCAF-4393-B610-BC6F188D714E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2BC538A-E6A7-456C-BF74-30DFB7A35BE5}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D3D863FA-E57A-43A2-94D3-355377A334BE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{D615B118-FEF6-4E1B-96B1-E2BD116151B3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D6EBBDB4-1EF0-4E48-92CA-3EC42F0619BB}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DB36898F-394F-4EFE-9FC8-28F5A7518161}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{DDF57D03-5172-4DD9-9B08-A18C27966ED1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DE24BA95-050B-4204-A11C-2E5EA047CD03}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E0B95B74-3A8E-419D-80C5-7DEF07D0D2DE}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{E1049A83-4CA5-42AC-8411-46C400B3099D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E551F3F9-A4DC-41B0-828B-6D70C6A11C36}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E5E5C5C3-902C-4965-8409-EA622E1C7D0D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{EE248A2B-F18F-4B5A-B0DC-09A65EF52FDE}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{EFFD6E7B-D9BD-4910-8993-403CEDDA22B7}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F13D8FE1-C0FD-4CE5-ADEE-C146A2D27B8B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{F1A4970C-00D8-43CB-9C57-BDFCBCFE81C1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F309D6DF-AF39-4006-AE86-133017108195}" = dir=in | app=e:\setup\hpznui01.exe |
"{F6B9D004-2E29-4D78-885B-D2FF402333C7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{FA2E8337-CE04-4E89-B8D2-8D2EB0840ACB}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FABC1D44-2C1E-48B6-952B-DDB9FA5E556A}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{FFB57E8C-36A2-46E6-9E54-ED1578365E38}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"TCP Query User{3F43F74C-670A-4057-A135-38EEC91932D4}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{51DF3F73-D32E-493E-83C1-FFEDF198B1A8}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{5BBEDDA2-C636-4CFF-A5EE-7FE57F6B57EE}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{739924FA-B40B-49E3-8EC0-774ACD88DF74}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{886FDB6A-AC1A-4430-8F73-8F9A87C84E74}C:\users\***\downloads\3544761d.exe" = protocol=6 | dir=in | app=c:\users\***\downloads\3544761d.exe |
"TCP Query User{898C5E92-33E9-4423-A7F8-977BB6A221D2}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{8E8626AF-500B-4E03-861E-28A2045C3579}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{ABE59578-EA8C-46FE-ACE0-19667D028273}C:\users\***\downloads\sims_2.exe" = protocol=6 | dir=in | app=c:\users\***\downloads\sims_2.exe |
"TCP Query User{AE81AFE0-1C29-4C55-B3CD-999F794C5B6B}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe |
"TCP Query User{B8616D59-53DC-4608-B533-E9B6CE950DAB}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{B89F5072-FDDD-453F-BFA3-459BB2E28024}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{B96F6B51-B6D4-4B60-B145-36A0A76ED0C6}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"TCP Query User{C350137D-5EC6-43B6-AF01-D30289E108D2}C:\program files\sony ericsson\update service\update service.exe" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"TCP Query User{D1CD320A-1F8D-4070-97A0-AAA7CCF3C468}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"TCP Query User{F4CEDB0C-3FF8-44E0-A362-9868B3E052FE}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"TCP Query User{FC3CBF6B-70F8-42B8-BD4A-9D2CD8531B0F}C:\program files\zattoo\zattoo2.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo2.exe |
"UDP Query User{00A99CCE-5D59-49F9-BBED-325E3575A749}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{02422498-AA01-4808-8031-6C1EA6910CB2}C:\program files\zattoo\zattoo2.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo2.exe |
"UDP Query User{0C4CB6D0-439A-4B67-931E-EDFC53D36222}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{1191B3C2-A1D0-4625-ADD6-C141113C95C9}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{1D9D65CF-2A22-48EA-B3C9-12C0AB35D5CB}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"UDP Query User{1E67CDBE-F944-44A8-898E-679111218564}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"UDP Query User{438291F4-35A6-49E6-B42A-94B2B5D489B5}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{46D13BF2-2A1A-49E5-939E-6AF27112A223}C:\users\***\downloads\sims_2.exe" = protocol=17 | dir=in | app=c:\users\***\downloads\sims_2.exe |
"UDP Query User{565B22D1-76A1-4EB5-9795-BF42C98E3FF0}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{80EDF75C-964C-4924-A894-D0C7237F55AD}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9FF6BBAE-0744-4469-9C8F-2B76F3071497}C:\users\***\downloads\3544761d.exe" = protocol=17 | dir=in | app=c:\users\***\downloads\3544761d.exe |
"UDP Query User{A748BFEB-1183-454A-9C93-138C3A746175}C:\program files\sony ericsson\update service\update service.exe" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"UDP Query User{BB0EFABC-EE96-4C69-9CDB-4A867423146B}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe |
"UDP Query User{F1AC1A19-B553-447E-B9C6-320ED1CDD039}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{F737274D-BFF7-4C9B-80EA-CF2CF376065D}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{FC07FAAF-7677-4D0D-BC6D-06EED2389B8E}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0812B697-3B0A-4392-B975-E415FC16C71E}" = HP Photosmart C5300 All-In-One Driver Software 12.0 Rel .4
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{0DD2DCC6-21AE-4678-8629-1084B17BE077}" = Microsoft SQL Server Compact 3.5 SP1-Abfragetools (Deutsch)
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{143B33B7-458A-452A-8939-8B165B4B5067}" = Microsoft SQL Server 2008 Management Studio
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{2020045B-8DCF-4449-8D5C-EB5BA37440F1}" = Microsoft SQL Server 2008 Management Studio
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 22
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160160}" = Java(TM) SE Development Kit 6 Update 16
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3AA1CB3C-F146-4340-AF8C-E97845A22629}" = C5300
"{3AF2BD17-EBB9-4A24-BA08-F5F1B82853F6}" = Microsoft SQL Server 2008 Client Tools
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4D28EFCF-5999-44D2-8D4E-AC643E76C33F}" = Microsoft SQL Server 2008 Client Tools
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6294CE03-1A16-4610-891E-FDAF9A585A54}" = SA52xx Device Manager
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{695E67B6-8B95-4160-9650-92974980CDC1}" = Microsoft SQL Server 2008-Richtlinien
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{8064cfd2-becb-40a3-8d5e-a47e6348ae7b}" = Nero 9
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{83C4CC25-EEFA-4E9F-A428-E1764266442E}" = PS_AIO_04_C5300_Software_Min
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{85243696-5e58-4357-9cf8-3498c609941d}" = NeroLiveGadget Help
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8D8B167A-ED0F-43F1-AC10-3F4379F7CBBB}" = MediaConverter 2.5 for Philips
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BBE9CD0-670A-4F15-AE17-5B1494D12A9E}" = CLR-Typen des SQL Server-Systems
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}" = Vodafone Mobile Connect Lite
"{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile-Gerätecenter: Treiberupdate
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch)
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FD023F61-65E9-465C-B558-7C64EB2B97E6}" = Dell Handbuch zum Einstieg
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Karte
"Die Sims" = Die Sims
"DivX Setup.divx.com" = DivX-Setup
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"MAGIX Music Maker Hip Hop Edition 3 D" = MAGIX Music Maker Hip Hop Edition 3 5.0.0.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Mozilla Firefox (3.6.11)" = Mozilla Firefox (3.6.11)
"NVIDIA Drivers" = NVIDIA Drivers
"PROR" = Microsoft Office Professional 2007
"rdfpa" = Favorit
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Zattoo4" = Zattoo4 4.0.5
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22.04.2010 17:03:21 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung spoolsv.exe, Version 6.0.6002.18005, Zeitstempel
0x49e02592, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000374, Fehleroffset 0x000afaf8, Prozess-ID 0x764, Anwendungsstartzeit
01cae25ed3c90319.
Error - 22.04.2010 17:05:09 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung spoolsv.exe, Version 6.0.6002.18005, Zeitstempel
0x49e02592, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000374, Fehleroffset 0x000afaf8, Prozess-ID 0xb5c, Anwendungsstartzeit
01cae25f68eae629.
Error - 25.04.2010 06:57:22 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 25.04.2010 08:47:09 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 25.04.2010 10:25:02 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 25.04.2010 16:55:02 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 25.04.2010 16:55:47 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 25.04.2010 16:55:48 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 25.04.2010 17:00:25 | Computer Name = ***-PC | Source = EventSystem | ID = 4621
Description =
Error - 26.04.2010 08:43:57 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
[ Broadcom Wireless LAN Events ]
Error - 01.06.2010 01:47:20 | Computer Name = ***-PC | Source = WLAN-Tray | ID = 0
Description = 07:47:19, Tue, Jun 01, 10 Error - Unable to gain access to user store
Error - 12.06.2010 06:05:08 | Computer Name = ***-PC | Source = WLAN-Tray | ID = 0
Description = 12:05:07, Sat, Jun 12, 10 Error - Unable to gain access to user store
Error - 22.06.2010 02:10:52 | Computer Name = ***-PC | Source = WLAN-Tray | ID = 0
Description = 08:10:51, Tue, Jun 22, 10 Error - Unable to gain access to user store
Error - 24.06.2010 10:30:31 | Computer Name = ***-PC | Source = WLAN-Tray | ID = 0
Description = 16:30:31, Thu, Jun 24, 10 Error - Unable to gain access to user store
Error - 24.06.2010 10:36:28 | Computer Name = ***-PC | Source = WLAN-Tray | ID = 0
Description = 16:36:28, Thu, Jun 24, 10 Error - Unable to gain access to user store
[ OSession Events ]
Error - 20.10.2009 14:22:00 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 16474 seconds with 6480 seconds of active time. This session ended with
a crash.
Error - 30.06.2010 16:58:22 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 11.10.2010 15:22:58 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2782
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 21.08.2008 07:51:03 | Computer Name = ***-PC | Source = HTTP | ID = 15016
Description =
Error - 21.08.2008 07:51:24 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.08.2008 07:51:24 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.08.2008 07:51:24 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.08.2008 07:51:24 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.08.2008 07:51:24 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.08.2008 07:51:24 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.08.2008 07:51:24 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.08.2008 13:35:52 | Computer Name = ***-PC | Source = HTTP | ID = 15016
Description =
Error - 21.08.2008 13:36:17 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Hoffe, ich hab jetzt nix vergessen :)
Vielen Dank schon mal für die nette Hilfe :) |