| |
| |||||||
Log-Analyse und Auswertung: Falsche Links in Google-SucheWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
23.09.2012, 13:02
| #1 |
| |  Falsche Links in Google-Suche Hallo liebe Experten! Ich hab auf meinem HP-Notebook (Win7pro 64 bit) seit ein paar Tagen das Problem, das hier im Forum schon öfter beschrieben wurde: Bei der Google-Suche in Firefox und Chrome und beim anschließenden Klick auf "Link in neuem Tab öffnen" öffnet sich ein falscher Link, etwa zu Viewster oder irgendwelchen Reiseseiten oä., jedenfalls nicht der, den ich anzuklicken glaubte. Avira-Guard ist im Hintergrund aktiv; ich bereinige regelmäßig mit CCleaner, muss nur leider zugeben, dass ich mit Windows-Updates (sehr) faul bin. Ich habe heute zunächst einen Avira-Scan gestartet, der ergebnislos blieb. Auch der anschließende Malwarebytes-Scan meldete keine Funde. Ebensowenig ergab der Scan über HouseCall etwas, den mein Mann mir vorgeschlagen hat. Ich mach mir trotzdem Sorgen, dass ich mir da was eingefangen habe und bitte um eure Unterstützung bei der Suche. Ich habe noch keine weiteren Schritte unternommen und warte, was ihr zu meinen Logfiles meint. Vielen Dank im voraus und herzliche Grüße aus NÖ, Susy Hier meine OTL.txt: Code:
ATTFilter OTL logfile created on: 23.09.2012 13:03:19 - Run 1 OTL by OldTimer - Version 3.2.66.0 Folder = D:\_Setups\_System\Malware entfernen 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 7,86 Gb Total Physical Memory | 6,14 Gb Available Physical Memory | 78,10% Memory free 15,72 Gb Paging File | 13,86 Gb Available in Paging File | 88,20% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 224,78 Gb Total Space | 174,41 Gb Free Space | 77,59% Space Free | Partition Type: NTFS Drive D: | 223,68 Gb Total Space | 105,23 Gb Free Space | 47,04% Space Free | Partition Type: NTFS Drive F: | 1,99 Gb Total Space | 1,48 Gb Free Space | 74,72% Space Free | Partition Type: FAT32 Computer Name: NB-SUSY2 | User Name: Susy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.09.23 12:41:44 | 000,601,600 | ---- | M] (OldTimer Tools) -- D:\_Setups\_System\Malware entfernen\OTL.exe PRC - [2012.06.20 13:51:58 | 002,206,984 | ---- | M] (AgileBits) -- D:\Datenbanken\1Password\Agile1pAgent.exe PRC - [2012.06.20 13:51:48 | 000,768,776 | ---- | M] (AgileBits) -- D:\Datenbanken\1Password\Agile1pService.exe PRC - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.11.17 01:04:20 | 000,822,384 | ---- | M] (ACD Systems) -- C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe PRC - [2011.09.01 18:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2011.07.26 14:09:00 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.05.30 15:55:00 | 004,910,592 | ---- | M] () -- C:\Program Files (x86)\Assmann\USB Device Server\Control Center.exe PRC - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.04.21 07:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.02.04 15:24:32 | 002,346,496 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe PRC - [2010.06.14 13:39:06 | 000,090,112 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe PRC - [2010.04.05 19:41:14 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2010.04.05 19:40:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2010.02.25 16:18:20 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol 52\StarWind\StarWindServiceAE.exe PRC - [2009.12.03 10:12:10 | 000,245,248 | ---- | M] () -- C:\Program Files\activAid\AutoHotkey\AutoHotkey.exe PRC - [2009.11.25 03:57:20 | 000,627,976 | ---- | M] (DigitalPersona, Inc.) -- c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe PRC - [2009.11.21 05:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2009.11.19 00:17:36 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe PRC - [2009.11.04 23:46:40 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009.11.04 23:46:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ========== Modules (No Company Name) ========== MOD - [2012.03.31 16:36:22 | 000,376,832 | ---- | M] () -- D:\Datenbanken\1Password\js3215R.dll MOD - [2011.05.30 15:55:00 | 004,910,592 | ---- | M] () -- C:\Program Files (x86)\Assmann\USB Device Server\Control Center.exe MOD - [2011.02.04 15:24:38 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll MOD - [2011.02.04 15:24:32 | 002,346,496 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe MOD - [2010.12.12 12:58:14 | 000,502,784 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxmsw28u_xrc_vc_rny.dll MOD - [2010.12.12 12:58:00 | 000,131,584 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxbase28u_xml_vc_rny.dll MOD - [2010.12.12 12:57:56 | 000,485,376 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxmsw28u_html_vc_rny.dll MOD - [2010.12.12 12:57:44 | 000,707,584 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxmsw28u_adv_vc_rny.dll MOD - [2010.12.12 12:57:36 | 002,633,216 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxmsw28u_core_vc_rny.dll MOD - [2010.12.12 12:56:46 | 001,205,760 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxbase28u_vc_rny.dll MOD - [2010.05.23 20:20:08 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\lfs.dll MOD - [2010.05.23 20:20:04 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\lua51.dll MOD - [2009.12.03 10:12:10 | 000,245,248 | ---- | M] () -- C:\Program Files\activAid\AutoHotkey\AutoHotkey.exe ========== Services (SafeList) ========== SRV:64bit: - [2012.03.20 19:43:42 | 000,271,360 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV) SRV:64bit: - [2012.03.20 19:43:42 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters) SRV:64bit: - [2011.08.31 18:08:08 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV:64bit: - [2011.07.06 10:36:36 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2011.06.03 12:51:38 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV:64bit: - [2011.05.13 14:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:64bit: - [2010.07.21 15:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV:64bit: - [2010.06.14 13:39:06 | 000,090,112 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe -- (HPDayStarterService) SRV:64bit: - [2010.02.18 15:52:30 | 002,045,232 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService) SRV:64bit: - [2010.02.01 18:09:48 | 000,281,192 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService) SRV:64bit: - [2010.02.01 18:05:52 | 000,704,512 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe -- (DEBridge) SRV:64bit: - [2009.11.25 03:57:20 | 000,462,088 | ---- | M] (DigitalPersona, Inc.) [Disabled | Stopped] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost) SRV:64bit: - [2009.11.20 00:14:32 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service) SRV:64bit: - [2009.09.04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [On_Demand | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2009.08.03 22:32:20 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.09.21 18:35:21 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.10 07:47:14 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.06.20 13:51:48 | 000,768,776 | ---- | M] (AgileBits) [Auto | Running] -- D:\Datenbanken\1Password\Agile1pService.exe -- (Agile1Password) SRV - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.09.09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service) SRV - [2011.09.01 18:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2011.07.26 14:09:00 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.07.06 10:34:58 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.04.05 19:40:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010.02.18 15:26:46 | 001,664,304 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService) SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009.11.19 00:17:36 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service) SRV - [2009.11.04 23:46:40 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009.11.04 23:46:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.03.20 19:43:43 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2012.01.17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2011.08.08 07:32:08 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP) DRV:64bit: - [2011.08.08 07:32:08 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL) DRV:64bit: - [2011.08.03 17:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:64bit: - [2011.07.26 14:09:01 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.07.26 14:09:01 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.05.20 01:08:54 | 000,107,912 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.05.20 01:08:54 | 000,027,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.05.13 14:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2011.05.13 14:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010.09.11 01:15:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.06.03 17:56:06 | 001,803,904 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) DRV:64bit: - [2010.04.21 17:00:30 | 000,037,392 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3) DRV:64bit: - [2010.04.21 11:56:28 | 000,091,280 | ---- | M] (Yamaha Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yusbaud64.sys -- (yusbaud64) DRV:64bit: - [2010.04.05 19:31:54 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.02.26 20:32:58 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010.02.01 18:11:36 | 000,015,688 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysNative\drivers\SbFsLock.sys -- (SbFsLock) DRV:64bit: - [2010.02.01 18:11:34 | 000,058,184 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\SysNative\drivers\RsvLock.sys -- (RsvLock) DRV:64bit: - [2010.02.01 18:11:32 | 000,056,648 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SafeBoot.sys -- (SafeBoot) DRV:64bit: - [2010.01.13 17:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) DRV:64bit: - [2009.12.30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:64bit: - [2009.11.21 05:16:02 | 000,177,152 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2009.11.21 05:15:58 | 000,075,776 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2009.11.06 02:36:26 | 000,293,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) DRV:64bit: - [2009.10.29 02:54:00 | 000,079,360 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie) DRV:64bit: - [2009.10.26 23:52:00 | 000,061,952 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci) DRV:64bit: - [2009.10.26 22:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.09.29 01:46:00 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie) DRV:64bit: - [2009.09.17 22:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009.09.17 22:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009.09.17 22:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009.09.17 22:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009.09.16 16:55:00 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:64bit: - [2009.08.26 12:45:10 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:64bit: - [2009.08.03 22:32:22 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009.07.21 00:05:50 | 000,059,008 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rismcx64.sys -- (rismcx64) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009.06.26 02:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk) DRV:64bit: - [2009.06.26 01:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp) DRV:64bit: - [2009.06.26 01:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.04 12:32:52 | 000,060,160 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SbAlg.sys -- (SbAlg) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.04.29 16:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\windows\SysNative\drivers\adfs.sys -- (adfs) DRV:64bit: - [2008.02.13 12:35:46 | 012,379,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD) DRV - [2010.02.01 18:11:46 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SbAlg.sys -- (SbAlg) DRV - [2010.02.01 18:11:28 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysWow64\drivers\SbFsLock.sys -- (SbFsLock) DRV - [2010.02.01 18:11:24 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\SysWow64\drivers\rsvlock.sys -- (RsvLock) DRV - [2010.02.01 18:11:22 | 000,110,520 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SafeBoot.sys -- (SafeBoot) DRV - [2009.09.16 16:55:00 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2009.08.26 12:45:10 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\windows\SysWow64\drivers\adfs.sys -- (adfs) DRV - [2008.02.13 12:34:50 | 012,067,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\snp2sxp.sys -- (SNP2STD) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E8E96765-A1D3-44EA-9102-639084622E71} IE:64bit: - HKLM\..\SearchScopes\{E8E96765-A1D3-44EA-9102-639084622E71}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4 IE - HKLM\..\SearchScopes,DefaultScope = {E8E96765-A1D3-44EA-9102-639084622E71} IE - HKLM\..\SearchScopes\{E8E96765-A1D3-44EA-9102-639084622E71}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,DefaultScope = {E8E96765-A1D3-44EA-9102-639084622E71} IE - HKCU\..\SearchScopes\{E8E96765-A1D3-44EA-9102-639084622E71}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Susy\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Susy\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010.09.11 00:53:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.10 07:47:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.04.09 09:14:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.03.04 20:58:12 | 000,000,000 | ---D | M] (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Extensions [2011.07.07 00:10:37 | 000,000,000 | ---D | M] (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012.09.06 21:28:48 | 000,000,000 | ---D | M] (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions [2011.07.22 19:57:07 | 000,000,000 | ---D | M] (Image Zoom) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} [2012.01.04 15:08:41 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2011.07.22 19:57:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.06.30 08:48:54 | 000,000,000 | ---D | M] (FEBE) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2012.04.09 20:08:13 | 000,000,000 | ---D | M] (IE Tab) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2012.09.04 14:02:41 | 000,000,000 | ---D | M] (WOT) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2012.04.07 12:17:11 | 000,000,000 | ---D | M] (HP Detect) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2012.06.09 01:01:01 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2011.07.22 19:57:27 | 000,000,000 | ---D | M] (Unread Tabs) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{f57f9be0-5281-11d9-9669-0800200c9a664} [2011.07.22 19:57:28 | 000,000,000 | ---D | M] (bit.ly preview) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\bitlypreview@jay.ridgeway [2012.02.09 22:56:26 | 000,000,000 | ---D | M] (Cooliris) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\piclens@cooliris.com [2011.07.22 19:57:31 | 000,000,000 | ---D | M] (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\temp [2012.07.31 08:29:49 | 000,242,942 | ---- | M] () (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\brief@mozdev.org.xpi [2012.09.04 12:36:27 | 001,625,368 | ---- | M] () (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\firebug@software.joehewitt.com.xpi [2012.09.06 21:28:48 | 001,515,292 | ---- | M] () (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\onepassword@agilebits.com.xpi [2012.09.04 12:14:50 | 000,084,654 | ---- | M] () (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}.xpi [2012.08.28 19:34:12 | 000,341,143 | ---- | M] () (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2012.09.05 21:34:01 | 001,268,546 | ---- | M] () (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012.07.25 09:01:07 | 000,741,958 | ---- | M] () (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.01.21 22:10:52 | 000,138,614 | ---- | M] () (No name found) -- C:\users\Susy\AppData\Roaming\Mozilla\Firefox\Profiles\x3829mqr.Susy\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012.07.12 07:10:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.07.12 07:10:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012.09.10 07:47:14 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.07.18 11:32:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.10 07:47:14 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.07.18 11:32:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.07.18 11:32:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.18 11:32:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.18 11:32:12 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: about:home CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Susy\AppData\Local\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Susy\AppData\Local\Google\Chrome\Application\17.0.963.78\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Susy\AppData\Local\Google\Chrome\Application\17.0.963.78\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\Susy\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\users\Susy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\users\Susy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: 1Password = C:\users\Susy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkndfifopckmhdkohjeoljlbfnjhekfg\3.9.8.39899_0\ CHR - Extension: General Crawler = C:\users\Susy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\ CHR - Extension: Google Mail = C:\users\Susy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2011.07.12 11:13:42 | 000,000,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation) O2:64bit: - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\Snagit 9\SnagitBHO.dll (TechSmith Corporation) O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (1Password) - {CB1A24DA-7416-4921-A0CF-5AA1160AAE2A} - D:\Datenbanken\1Password\Agile1pIE.dll (AgileBits) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\Snagit 9\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ACPW05DE] C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe (ACD Systems) O4 - HKLM..\Run: [Agile1pAgent] D:\Datenbanken\1Password\Agile1pAgent.exe (AgileBits) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe () O4 - HKLM..\Run: [KCodes UDS Control Center] C:\Program Files (x86)\Assmann\USB Device Server\Control Center.exe () O4 - HKLM..\Run: [NUSB3MON] c:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [pdfSaver3] File not found O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [fsm] File not found O4 - HKCU..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe () O4 - Startup: C:\Users\Susy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ac'tivAid.lnk = File not found O4 - Startup: C:\Users\Susy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\users\Susy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: 1Password - {00FAC6C9-C494-4AD8-B3C0-DE677AFDDBD8} - D:\Datenbanken\1Password\Agile1pIE.dll (AgileBits) O9 - Extra 'Tools' menuitem : 1Password Ctrl+Alt+P - {00FAC6C9-C494-4AD8-B3C0-DE677AFDDBD8} - D:\Datenbanken\1Password\Agile1pIE.dll (AgileBits) O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.3.96.67 213.33.98.136 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D7426F6-070B-42DD-A47A-826DAAF5D4CC}: DhcpNameServer = 195.3.96.67 213.33.98.136 O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.09.23 12:10:13 | 000,000,000 | ---D | C] -- C:\Users\Susy\AppData\Roaming\Malwarebytes [2012.09.23 12:10:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [2012.09.23 12:10:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.23 12:10:03 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2012.09.23 12:10:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes [2012.08.28 19:35:31 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2012.08.26 07:46:47 | 000,000,000 | ---D | C] -- D:\_Desktop\Neuer Ordner [2007.08.13 17:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\Susy\AppData\Local\CDRip.dll [2007.01.18 21:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\Susy\AppData\Local\No23 Recorder.exe [2006.12.11 19:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\Susy\AppData\Local\basscd.dll [2006.12.11 19:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\Susy\AppData\Local\bass.dll ========== Files - Modified Within 30 Days ========== [2012.09.23 13:05:19 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.23 13:05:19 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.09.23 13:02:00 | 001,498,506 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2012.09.23 13:02:00 | 000,654,166 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2012.09.23 13:02:00 | 000,616,008 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012.09.23 13:02:00 | 000,130,006 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2012.09.23 13:02:00 | 000,106,388 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012.09.23 12:57:17 | 000,000,310 | ---- | M] () -- C:\windows\tasks\wwzvrpoxkw.job [2012.09.23 12:57:10 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012.09.23 12:57:05 | 2033,745,919 | -HS- | M] () -- C:\hiberfil.sys [2012.09.23 12:56:07 | 000,000,020 | ---- | M] () -- C:\Users\Susy\defogger_reenable [2012.09.23 12:35:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2012.09.23 12:10:05 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.23 12:09:14 | 000,881,281 | ---- | M] () -- C:\Users\Susy\AppData\Local\census.cache [2012.09.23 12:09:05 | 000,144,546 | ---- | M] () -- C:\Users\Susy\AppData\Local\ars.cache [2012.09.23 11:59:03 | 000,000,036 | ---- | M] () -- C:\Users\Susy\AppData\Local\housecall.guid.cache [2012.09.18 13:28:00 | 000,001,953 | ---- | M] () -- C:\Users\Susy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ac'tivAid.lnk [2012.09.14 08:14:34 | 000,184,320 | RHS- | M] () -- C:\windows\SysWow64\pnrpnspx.dll [2012.09.12 10:45:43 | 000,001,487 | ---- | M] () -- D:\_Desktop\remember this.lnk [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2012.08.29 08:17:00 | 007,897,371 | R--- | M] () -- D:\_Desktop\weinherbst_weinviertel_2012.pdf ========== Files Created - No Company Name ========== [2012.09.23 12:56:06 | 000,000,020 | ---- | C] () -- C:\Users\Susy\defogger_reenable [2012.09.23 12:10:05 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.23 12:09:14 | 000,881,281 | ---- | C] () -- C:\Users\Susy\AppData\Local\census.cache [2012.09.23 12:09:05 | 000,144,546 | ---- | C] () -- C:\Users\Susy\AppData\Local\ars.cache [2012.09.23 11:59:03 | 000,000,036 | ---- | C] () -- C:\Users\Susy\AppData\Local\housecall.guid.cache [2012.09.14 08:14:34 | 000,184,320 | RHS- | C] () -- C:\windows\SysWow64\pnrpnspx.dll [2012.09.14 08:14:34 | 000,000,310 | ---- | C] () -- C:\windows\tasks\wwzvrpoxkw.job [2012.09.12 10:45:43 | 000,001,487 | ---- | C] () -- D:\_Desktop\remember this.lnk [2012.08.29 08:16:48 | 007,897,371 | R--- | C] () -- D:\_Desktop\weinherbst_weinviertel_2012.pdf [2012.04.06 17:47:59 | 000,000,000 | RHS- | C] () -- C:\Users\Susy\AppData\Roaming\CoreXPSP.dll [2012.04.06 17:47:14 | 000,164,352 | ---- | C] () -- C:\windows\SysWow64\UNRAR.DLL [2012.04.06 17:47:14 | 000,075,264 | ---- | C] () -- C:\windows\SysWow64\UNACEV2.DLL [2012.03.02 06:16:33 | 012,067,328 | ---- | C] () -- C:\windows\SysWow64\drivers\snp2sxp.sys [2012.03.02 06:16:33 | 000,025,472 | ---- | C] () -- C:\windows\SysWow64\drivers\sncamd.sys [2012.03.02 06:16:33 | 000,015,497 | ---- | C] () -- C:\windows\snp2std.ini [2012.03.02 06:16:30 | 000,151,552 | ---- | C] ( ) -- C:\windows\SysWow64\rsnp2std.dll [2012.02.09 21:05:44 | 000,416,064 | ---- | C] () -- C:\windows\SysWow64\nvStreaming.exe [2011.11.27 13:55:48 | 000,002,428 | ---- | C] () -- C:\windows\CDPlayer.ini [2011.10.05 22:00:37 | 000,025,600 | ---- | C] () -- C:\Users\Susy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.09.10 14:10:06 | 000,001,474 | ---- | C] () -- C:\Users\Susy\AppData\Local\RecConfig.xml [2011.09.09 23:16:13 | 006,908,648 | ---- | C] () -- C:\windows\SysWow64\SpoonUninstall.exe [2011.09.09 23:16:13 | 000,017,686 | ---- | C] () -- C:\windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat [2011.08.27 19:53:00 | 000,000,017 | ---- | C] () -- C:\Users\Susy\AppData\Local\resmon.resmoncfg [2011.08.18 19:16:14 | 000,185,236 | -H-- | C] () -- C:\windows\SysWow64\mlfcache.dat [2011.08.12 21:04:09 | 000,000,078 | ---- | C] () -- C:\windows\BBW_INFO.INI [2011.07.22 17:11:50 | 001,673,216 | ---- | C] () -- C:\windows\SysWow64\BootMan.exe [2011.07.22 17:11:50 | 000,086,408 | ---- | C] () -- C:\windows\SysWow64\setupempdrv03.exe [2011.07.22 17:11:50 | 000,014,848 | ---- | C] () -- C:\windows\SysWow64\EuEpmGdi.dll [2011.07.22 17:11:50 | 000,014,216 | ---- | C] () -- C:\windows\SysWow64\epmntdrv.sys [2011.07.22 17:11:50 | 000,008,456 | ---- | C] () -- C:\windows\SysWow64\EuGdiDrv.sys [2011.07.12 15:16:09 | 000,000,531 | ---- | C] () -- C:\windows\eReg.dat [2011.07.09 22:46:54 | 000,000,400 | ---- | C] () -- C:\windows\ODBC.INI [2011.07.06 23:05:54 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat [2011.07.06 11:03:53 | 000,000,049 | ---- | C] () -- C:\windows\wininit.ini [2011.05.20 00:22:45 | 000,255,360 | ---- | C] ( ) -- C:\windows\SysWow64\rsnp2uvc.dll [2011.05.20 00:22:45 | 000,025,984 | ---- | C] () -- C:\windows\snuvcdsm.exe [2011.05.20 00:22:45 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini [2007.08.13 17:46:00 | 000,155,136 | ---- | C] () -- C:\Users\Susy\AppData\Local\lame_enc.dll [2006.10.26 01:06:48 | 000,064,000 | ---- | C] () -- C:\Users\Susy\AppData\Local\vorbisenc.dll [2006.10.26 01:06:48 | 000,019,456 | ---- | C] () -- C:\Users\Susy\AppData\Local\vorbisfile.dll [2006.10.26 01:06:46 | 000,143,872 | ---- | C] () -- C:\Users\Susy\AppData\Local\vorbis.dll [2006.10.26 01:06:36 | 000,015,872 | ---- | C] () -- C:\Users\Susy\AppData\Local\ogg.dll [2005.08.23 22:34:06 | 000,029,184 | ---- | C] () -- C:\Users\Susy\AppData\Local\no23xwrapper.dll ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.01.04 11:59:19 | 014,164,480 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.01.04 11:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2011.07.22 19:56:04 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\ACD Systems [2011.07.22 19:56:25 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\Agile Web Solutions [2011.07.28 18:29:45 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\Ashampoo [2012.04.17 18:57:18 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\Audacity [2011.07.11 10:28:01 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\BMDNTCS [2011.07.28 18:45:14 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\DAEMON Tools Lite [2012.04.06 17:47:16 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\Dateicommander [2011.09.09 23:18:09 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\dBpoweramp [2011.07.22 19:56:25 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\DigitalPersona [2012.09.23 12:58:03 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\Dropbox [2012.09.04 22:06:36 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\FILEminimizerPictures [2011.07.22 11:35:37 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\GHISLER [2012.09.23 08:57:31 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\MailWasherPro [2012.03.04 21:02:20 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\Media Finder [2012.09.20 19:10:06 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\MediaMonkey [2011.11.13 18:05:02 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\Mp3tag [2012.01.18 11:17:38 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\OpenOffice.org [2011.12.31 10:36:15 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\PanoramaStudio [2012.05.07 15:23:54 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\PhotoSync [2011.07.22 19:57:37 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\Software Informer [2011.07.22 19:57:42 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\Thunderbird [2012.03.09 18:59:53 | 000,000,000 | ---D | M] -- C:\Users\Susy\AppData\Roaming\uTorrent ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 65 bytes -> D:\_Desktop\OE1_RUD120502_HP.mp3:com.dropbox.attributes < End of report > Code:
ATTFilter OTL Extras logfile created on: 23.09.2012 13:03:19 - Run 1
OTL by OldTimer - Version 3.2.66.0 Folder = D:\_Setups\_System\Malware entfernen
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7,86 Gb Total Physical Memory | 6,14 Gb Available Physical Memory | 78,10% Memory free
15,72 Gb Paging File | 13,86 Gb Available in Paging File | 88,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 224,78 Gb Total Space | 174,41 Gb Free Space | 77,59% Space Free | Partition Type: NTFS
Drive D: | 223,68 Gb Total Space | 105,23 Gb Free Space | 47,04% Space Free | Partition Type: NTFS
Drive F: | 1,99 Gb Total Space | 1,48 Gb Free Space | 74,72% Space Free | Partition Type: FAT32
Computer Name: NB-SUSY2 | User Name: Susy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 5.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeQVPro5.exe" "%1" (ACD Systems International Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [DateiCommander] -- C:\Program Files (x86)\DateiCommander\DateiCommander.exe %1 (Ch.Lütgens & Co)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" "%1"
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" /NEXT "%1"
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" /ADD "%1"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 5.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeQVPro5.exe" "%1" (ACD Systems International Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [DateiCommander] -- C:\Program Files (x86)\DateiCommander\DateiCommander.exe %1 (Ch.Lütgens & Co)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" "%1"
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" /NEXT "%1"
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" /ADD "%1"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0474160A-586B-46F7-815C-CBDE7EB6AE3C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{06ECEF8D-741B-459F-8A6E-E2B5BEDEBAA4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A6E2890-BC5C-4D58-95A1-5E23F55B9B3F}" = lport=7428 | protocol=17 | dir=in | name=multifunction network server udp port |
"{0FEEB416-DF41-419E-8C31-7AD0D340FE93}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 |
"{114043B6-9E95-4C18-86AC-B4483C61A8F6}" = lport=139 | protocol=6 | dir=in | app=system |
"{14DB2F36-E5A7-45FC-A4CB-D7084E55BA02}" = lport=2869 | protocol=6 | dir=in | app=system |
"{20CC217B-AEC8-4FB9-BEB7-9DFF022704DC}" = lport=7428 | protocol=17 | dir=in | name=multifunction network server udp port |
"{2C30FFD0-6816-4E79-AD96-79097FB58121}" = rport=445 | protocol=6 | dir=out | app=system |
"{3933DE96-D804-48E1-B1E6-84540BF23D21}" = rport=10243 | protocol=6 | dir=out | app=system |
"{64067417-0A4C-4951-B1DC-8F68B98C1508}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{66491921-6EA4-44DE-B39D-545C3C39C8BF}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 |
"{777AD6CA-B809-4BE4-B670-0A5885853829}" = lport=445 | protocol=6 | dir=in | app=system |
"{77C1CB60-E753-4244-AE8F-0B26591D7C42}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{78B33140-1125-4402-82FF-C374AD278B05}" = lport=10243 | protocol=6 | dir=in | app=system |
"{94CF8B43-72F8-44DC-A718-9593D10D7F55}" = lport=35722 | protocol=6 | dir=in | name=photosync |
"{98343BDF-1279-4EA1-964E-168E0CECCE88}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A1385B60-FBB5-47A2-8972-1B51E855978C}" = lport=137 | protocol=17 | dir=in | app=system |
"{A3A72941-A3A1-40A7-9B46-2A0B5E38936E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AB220AB7-76A1-4739-BA05-32D23A2C3115}" = rport=137 | protocol=17 | dir=out | app=system |
"{ABA2A825-2B4E-4EE3-AE40-8BB8DC3253B7}" = rport=138 | protocol=17 | dir=out | app=system |
"{B4B5ECA8-5DBD-4B85-87A9-3F2638285E18}" = lport=138 | protocol=17 | dir=in | app=system |
"{C883F5C3-E3A9-4EC1-B306-DCD90FD6D806}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E913F1AD-5002-47F3-820E-0EAECEE8D53E}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{EA66EC59-B89E-494F-AE25-56AE7BBF638F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F23295E5-2169-4509-8707-C07DD94224AD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F6D70EA0-103A-40A0-8523-D83C2CBC9551}" = rport=139 | protocol=6 | dir=out | app=system |
"{F77B255F-B99F-4204-9099-93FFF722E4FE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B939A8-EE7B-4F89-A628-3EB84D4B1076}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{06B74326-313A-4752-ABB0-2B025292EA3F}" = protocol=6 | dir=in | app=c:\users\susy\appdata\roaming\dropbox\bin\dropbox.exe |
"{0C86E581-73C1-4EE5-BD08-80F278E7F618}" = protocol=6 | dir=in | app=c:\program files (x86)\assmann\usb device server\control center.exe |
"{255A841A-3253-4D41-8DAB-7E58B3605FC4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{39E45375-16ED-4EC4-A934-EE722EEC2F0A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3CB9F1A7-6BAD-46DB-9633-74DF9BE081E1}" = protocol=17 | dir=in | app=c:\program files (x86)\assmann\usb device server\control center.exe |
"{459EAB35-612A-410E-A7FB-294E3AE80CD1}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{59279833-F131-45F7-89A0-D75DB737EFFC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{60247CB0-C3CC-4FFF-9A09-4D6CFAAC1056}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6266DB7B-CFAC-4F34-A5EA-E4740DD1DB16}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{62D7FD2F-FEF6-4ECC-BEA6-1E1C397606A5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{648DDF82-E6E6-48EC-AFED-FBF720948834}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{6CE48981-0DF3-433A-A588-0CB5C1F3B879}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7270ED0C-8054-408D-A6E4-ACA66761C440}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73406E5F-1012-414E-9C7A-3465331EFB4B}" = protocol=6 | dir=out | app=system |
"{74D10CB8-C41C-4E3E-B6F1-EA22A2BA6C31}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{795F9CA1-6708-4860-83C3-67BDF6ECF986}" = protocol=17 | dir=in | app=c:\users\susy\appdata\roaming\dropbox\bin\dropbox.exe |
"{85292A0B-7812-4DAB-9481-9327A81FFECC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{93A2113A-36E8-4EE2-98F7-01A007511E10}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{93C5F7EE-4CAC-401F-AA7E-7D485CD0A42F}" = protocol=17 | dir=in | app=c:\program files (x86)\assmann\usb device server\control center.exe |
"{9DB4C487-3ED9-48E9-AA77-59DBAC0E8A9F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A9F9AA9E-7C22-4C0A-ADED-62071BC7E7EF}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{AB590491-AC51-442F-8227-2F6979CD4BA2}" = protocol=6 | dir=in | app=c:\program files (x86)\assmann\usb device server\control center.exe |
"{B09CBF6F-8EB0-47AD-B7E7-693A1CAEFF80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B41428EF-267F-46D4-912E-17DB48AAF601}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BC720DE1-9B34-4FB4-A00A-30A5D184A3F2}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{BD71CC7D-694B-42B4-9FBE-C583C349E7B7}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{BE02B116-0117-4D4C-BEF6-C38AC08F097F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CB768A62-F1DC-4BF2-8FB2-462E9D800125}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6D9FA70-1BC3-420D-ABEF-AAA77AFA1B01}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DAC62375-E5B5-4664-9658-BF1CCA68EBEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E874A561-B0D7-40D4-856C-1FD363FD5277}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E8AB4ED8-D42F-400E-8967-3E569A6B4106}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EFF7D509-CCC0-4001-83F1-7FCBFAFB9AEE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F6D6D2B5-42C2-4704-9EBF-1CC1F8DB85E2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FD0959EE-E84E-4F67-B562-FAACF4F7D879}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"TCP Query User{74461708-03BA-456A-834D-1BEAF79E1AF6}C:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"TCP Query User{8240F559-7E57-4FA5-891D-D611B1014C07}D:\users\susy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=d:\users\susy\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{F4BA60F4-A7BD-4439-BD8B-5424981CE673}D:\users\susy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=d:\users\susy\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{0ED0A004-D24B-40E0-A4CE-DF73F8818252}C:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"UDP Query User{C8AA8AFE-2FED-4F5F-9847-898E25977066}D:\users\susy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=d:\users\susy\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{DC2FCFB5-6F5C-4544-AB78-21F4A774690E}D:\users\susy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=d:\users\susy\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01AF7A15-6785-4878-8924-AB894172DA94}" = PhotoSync
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series" = Canon iP3600 series Printer Driver
"{2917FD4B-9D6C-4012-BB45-DC9722CA78E2}" = HP ProtectTools Security Manager
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{3513DD3C-7680-4C7C-BF18-BA375D5F4132}" = Pre-Boot Security for HP ProtectTools
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}" = Paragon Drive Backup™ 9.5 Professional Edition
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.3
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8F258628-2E18-4C2E-8127-EF4EFAF5F75C}" = HP 3D DriveGuard
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{938C9D51-4233-4DCE-A650-96918ACDBF3E}" = HP Power Data
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{9EA86AD9-FB32-4B9E-BD56-3068F9B8031F}" = HP Wireless Assistant
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A94AABAE-52F0-48C4-9F94-A4CA4B423576}" = Adobe Photoshop Lightroom 3.2 64-bit
"{ABCB696E-2494-48FC-826D-0666CEE460DB}" = Drive Encryption for HP ProtectTools
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{BD7AB0B9-4491-4642-B6BB-2560648A0A22}" = HP Power Assistant
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DBB6FD33-2B16-45EB-93E1-C14344F9205C}" = Yamaha USB Audio Driver
"{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}" = Validity Fingerprint Driver
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E6BEE2A9-04CF-42FF-B95B-BB70FAD2DC3E}" = HP QuickLook
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FE3DEA5D-60D7-4C92-A71F-1E1F2F4615FC}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"CCleaner" = CCleaner
"doPDF 6 printer_is1" = doPDF 6.3 printer
"HPProtectTools" = HP ProtectTools Security Manager
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PROSet" = Intel(R) Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17DEA3ED-86EA-4D28-849C-20CB030F4963}" = Multifunction Network Server
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1E6219D4-027E-47EE-AB83-DD2F26E31A32}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{23355AD7-F773-4419-971D-1577A793D4B5}" = MindManager X5 Pro
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34985F59-8F6F-46F4-9AD5-53E2714294D2}" = ArcSoft WebCam Companion 3
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{35E0BA9D-3AFE-402A-99CA-D94FE1E73D18}" = ACDSee Pro 5
"{38ADB9A6-798C-11D6-A855-00105A80791C}" = OKI Network Extension
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5B059455-4572-4F70-8D91-2097B07215E5}" = HP ESU for Microsoft Windows 7
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{62272D4E-78E9-4BAD-B7AA-63072D06AAA9}" = HP Documentation
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = D-PEN
"{7861911B-4270-498A-8F7A-FCF0570F484B}" = HP QuickWeb
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1
"{9966A5DB-8BB0-4D89-A701-386ED84E79B8}" = Adobe Creative Suite 4 Master Collection
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AF6EB833-D48A-49AC-9394-4C57489FDFF2}" = HP Software Framework
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BAB4AAD2-93A4-11D4-A165-00508B67A692}" = Client
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCEEDC10-441F-4E4E-8590-0955C4C6B3F6}" = Adobe Setup
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver
"{F600CCF3-9C88-4A22-B0B4-DDA82E997118}" = Adobe After Effects CS4 Template Projects & Footage
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.5
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD8234FF-A70D-4632-B146-F41AB37C0B24}" = HP Business Card Reader
"1Password_is1" = 1Password 1.0.9.296
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_7e74552a59eaf9fafd13f90894ac9bd" = Adobe Creative Suite 4 Master Collection
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AutoHotkey" = AutoHotkey 1.1.00.00
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BB_is1" = Band-in-a-Box 2006
"BMD SYSTEMHAUS - BMD55" = BMD SYSTEMHAUS - BMD55
"cam2pc" = cam2pc (remove only)
"Canon iP3600 series Benutzerregistrierung" = Canon iP3600 series Benutzerregistrierung
"Columbus Tree Mod" = Columbus Tree Mod 1.0 deutsch
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Lite" = DAEMON Tools Lite
"DateiCommander 13.1_is1" = DateiCommander13
"Daub Ages" = Daub Ages! 1.53
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"Drive Encryption" = Drive Encryption for HP ProtectTools
"EASEUS Partition Master Professional Edition_is1" = EASEUS Partition Master 4.1.1 Professional
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"FILEminimizer Pictures_is1" = FILEminimizer Pictures
"InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"MailWasher Pro_is1" = MailWasher Pro
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"MediaMonkey_is1" = MediaMonkey 4.0
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"Mozilla Thunderbird (3.1.20)" = Mozilla Thunderbird (3.1.20)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49
"Noise Ninja (Standalone Version)_is1" = Noise Ninja 2 (Standalone Version)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PanoramaStudio" = PanoramaStudio 1.3 (deinstallieren)
"PDF-XChange 3_is1" = PDF-XChange 3.0
"PG Music DirectX Plugins_is1" = PG Music DirectX Plugins 1.3.4.1
"PixGEN_is1" = PixGEN v.2.8.1
"PSPad editor_is1" = PSPad editor
"Rainlendar2" = Rainlendar2 (remove only)
"ShapeCollage" = Shape Collage
"Software Informer_is1" = Software Informer 1.0 BETA
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 04.08.2012 05:11:33 | Computer Name = NB-Susy2 | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 06.08.2012 09:23:29 | Computer Name = NB-Susy2 | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 10.08.2012 19:01:42 | Computer Name = NB-Susy2 | Source = ThreadLib | ID = 0
Description =
Error - 18.08.2012 05:33:13 | Computer Name = NB-Susy2 | Source = ThreadLib | ID = 0
Description =
Error - 18.08.2012 05:43:48 | Computer Name = NB-Susy2 | Source = ThreadLib | ID = 0
Description =
Error - 18.08.2012 05:45:54 | Computer Name = NB-Susy2 | Source = ThreadLib | ID = 0
Description =
Error - 18.08.2012 15:50:23 | Computer Name = NB-Susy2 | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 21.08.2012 04:47:13 | Computer Name = NB-Susy2 | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16768 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 7d8 Startzeit: 01cd7abc0a6ce214 Endzeit: 60000 Anwendungspfad:
C:\windows\Explorer.EXE Berichts-ID: 95cb3219-eb6c-11e1-94c6-cc52af862797
Error - 21.08.2012 12:16:55 | Computer Name = NB-Susy2 | Source = ThreadLib | ID = 0
Description =
Error - 21.08.2012 12:22:40 | Computer Name = NB-Susy2 | Source = ThreadLib | ID = 0
Description =
Error - 23.08.2012 11:41:17 | Computer Name = NB-Susy2 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc3c1 Name des fehlerhaften Moduls: tapisrv.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4a5be077 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000007feef5787f3
ID
des fehlerhaften Prozesses: 0x61c Startzeit der fehlerhaften Anwendung: 0x01cd7f7c3552ff0a
Pfad
der fehlerhaften Anwendung: C:\windows\system32\svchost.exe Pfad des fehlerhaften
Moduls: tapisrv.dll Berichtskennung: f9db84d5-ed38-11e1-a278-cc52af862797
[ Hewlett-Packard Events ]
Error - 05.11.2011 11:39:17 | Computer Name = NB-Susy2 | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\111105043905.xml
File not created by asset agent
Error - 12.11.2011 18:06:39 | Computer Name = NB-Susy2 | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\111112110636.xml
File not created by asset agent
Error - 10.12.2011 07:39:25 | Computer Name = NB-Susy2 | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\121110123922.xml
File not created by asset agent
Error - 04.02.2012 11:38:51 | Computer Name = NB-Susy2 | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\021204043844.xml
File not created by asset agent
Error - 19.03.2012 02:41:45 | Computer Name = NB-Susy2 | Source = HPSF.exe | ID = 4000
Description =
Error - 19.03.2012 02:41:47 | Computer Name = NB-Susy2 | Source = HPSF.exe | ID = 4000
Description =
Error - 15.04.2012 15:27:29 | Computer Name = NB-Susy2 | Source = HPSF.exe | ID = 4000
Description =
Error - 15.04.2012 15:27:46 | Computer Name = NB-Susy2 | Source = hpsa_service.exe | ID = 2000
Description =
Error - 15.07.2012 01:33:37 | Computer Name = NB-Susy2 | Source = HPSF.exe | ID = 4000
Description =
Error - 03.09.2012 01:40:23 | Computer Name = NB-Susy2 | Source = hpsa_service.exe | ID = 2000
Description =
[ HP Power Assistant Events ]
Error - 22.09.2012 17:06:38 | Computer Name = NB-Susy2 | Source = HP PA Service | ID = 0
Description = WifiWatcher: WlanQueryInterface failed, res=1168 guid={2D7426F6-070B-42DD-A47A-826DAAF5D4CC}
Error - 22.09.2012 17:13:21 | Computer Name = NB-Susy2 | Source = HP PA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 22.09.2012 17:13:28 | Computer Name = NB-Susy2 | Source = HP PA Service | ID = 0
Description = WifiWatcher: WlanQueryInterface failed, res=1168 guid={2D7426F6-070B-42DD-A47A-826DAAF5D4CC}
Error - 23.09.2012 02:55:40 | Computer Name = NB-Susy2 | Source = HP PA Service | ID = 0
Description = WifiWatcher: WlanQueryInterface failed, res=1168 guid={2D7426F6-070B-42DD-A47A-826DAAF5D4CC}
Error - 23.09.2012 04:14:50 | Computer Name = NB-Susy2 | Source = HP PA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 23.09.2012 04:14:53 | Computer Name = NB-Susy2 | Source = HP PA Service | ID = 0
Description = WifiWatcher: WlanQueryInterface failed, res=1168 guid={2D7426F6-070B-42DD-A47A-826DAAF5D4CC}
Error - 23.09.2012 04:45:27 | Computer Name = NB-Susy2 | Source = HP PA Service | ID = 0
Description = WifiWatcher: WlanQueryInterface failed, res=1168 guid={2D7426F6-070B-42DD-A47A-826DAAF5D4CC}
Error - 23.09.2012 04:51:37 | Computer Name = NB-Susy2 | Source = HP PA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 23.09.2012 04:51:41 | Computer Name = NB-Susy2 | Source = HP PA Service | ID = 0
Description = WifiWatcher: WlanQueryInterface failed, res=1168 guid={2D7426F6-070B-42DD-A47A-826DAAF5D4CC}
Error - 23.09.2012 05:43:06 | Computer Name = NB-Susy2 | Source = HP PA Service | ID = 0
Description = WifiWatcher: WlanQueryInterface failed, res=1168 guid={2D7426F6-070B-42DD-A47A-826DAAF5D4CC}
[ HP Software Framework Events ]
Error - 10.09.2012 09:58:44 | Computer Name = NB-Susy2 | Source = CaslWmi | ID = 5
Description = 2012.09.10 15:58:44.097|00000228|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 10.09.2012 09:59:57 | Computer Name = NB-Susy2 | Source = CaslWmi | ID = 5
Description = 2012.09.10 15:59:57.415|000008F8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 10.09.2012 09:59:58 | Computer Name = NB-Susy2 | Source = CaslWmi | ID = 5
Description = 2012.09.10 15:59:58.335|000029F8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 10.09.2012 10:00:00 | Computer Name = NB-Susy2 | Source = CaslWmi | ID = 5
Description = 2012.09.10 16:00:00.655|00002374|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 10.09.2012 10:00:01 | Computer Name = NB-Susy2 | Source = CaslWmi | ID = 5
Description = 2012.09.10 16:00:01.541|00002A98|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 10.09.2012 10:00:05 | Computer Name = NB-Susy2 | Source = CaslWmi | ID = 5
Description = 2012.09.10 16:00:05.942|000021DC|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 15.09.2012 16:01:12 | Computer Name = NB-Susy2 | Source = CaslWmi | ID = 5
Description = 2012.09.15 22:01:12.914|00001FDC|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 15.09.2012 16:01:14 | Computer Name = NB-Susy2 | Source = CaslWmi | ID = 5
Description = 2012.09.15 22:01:14.267|00002E54|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 22.09.2012 15:43:28 | Computer Name = NB-Susy2 | Source = CaslWmi | ID = 5
Description = 2012.09.22 21:43:28.175|000013FC|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 22.09.2012 15:43:29 | Computer Name = NB-Susy2 | Source = CaslWmi | ID = 5
Description = 2012.09.22 21:43:29.346|00000AEC|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
[ HP Wireless Assistant Events ]
Error - 25.02.2012 08:32:56 | Computer Name = NB-Susy2 | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 25.02.2012 09:21:40 | Computer Name = NB-Susy2 | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 25.02.2012 12:17:50 | Computer Name = NB-Susy2 | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 25.02.2012 14:54:16 | Computer Name = NB-Susy2 | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 25.02.2012 16:26:43 | Computer Name = NB-Susy2 | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 25.02.2012 18:16:00 | Computer Name = NB-Susy2 | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 26.02.2012 05:25:02 | Computer Name = NB-Susy2 | Source = HP WA Service | ID = 0
Description = WifiWatcher: WlanQueryInterface failed, res=1168 guid={2D7426F6-070B-42DD-A47A-826DAAF5D4CC}
Error - 26.02.2012 05:26:53 | Computer Name = NB-Susy2 | Source = HP WA Service | ID = 0
Description = WifiWatcher: WlanQueryInterface failed, res=1168 guid={2D7426F6-070B-42DD-A47A-826DAAF5D4CC}
Error - 26.02.2012 07:16:20 | Computer Name = NB-Susy2 | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 26.02.2012 10:06:11 | Computer Name = NB-Susy2 | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
[ System Events ]
Error - 22.09.2012 15:31:04 | Computer Name = NB-Susy2 | Source = bowser | ID = 8003
Description =
Error - 23.09.2012 06:56:26 | Computer Name = NB-Susy2 | Source = DCOM | ID = 10010
Description =
Error - 23.09.2012 06:57:29 | Computer Name = NB-Susy2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "rimspci" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1058
Error - 23.09.2012 06:57:29 | Computer Name = NB-Susy2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "risdpcie" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1058
Error - 23.09.2012 06:57:29 | Computer Name = NB-Susy2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "rixdpcie" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1058
Error - 23.09.2012 06:58:20 | Computer Name = NB-Susy2 | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-1073473535.
Error - 23.09.2012 06:58:20 | Computer Name = NB-Susy2 | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
Neustart des Diensts.
Error - 23.09.2012 06:58:50 | Computer Name = NB-Susy2 | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Search erreicht.
Error - 23.09.2012 06:58:50 | Computer Name = NB-Susy2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 23.09.2012 06:58:52 | Computer Name = NB-Susy2 | Source = bowser | ID = 8003
Description =
< End of report >
|
| Themen zu Falsche Links in Google-Suche |
| adobe after effects, antivir, bho, bonjour, brief, desktop, error, excel, failed, fehler, firefox, flash player, helper, homepage, hängen, launch, mozilla, mp3, pixel, plug-in, problem, programm, registry, revo uninstaller, richtlinie, security, server, software, svchost.exe, system, tab öffnen, third party, total commander, usb, usb 3.0, win7pro |
Baum-Darstellung