|
Was habe ich mir da eingefangen? Danke für dieses Forum und die Beteiligung: Hier ein OTL.Txt Und die Extras.Txt Danke Olli OTL logfile created on: 29.06.2012 11:34:30 - Run 1 OTL by OldTimer - Version 3.2.53.0 Folder = Y:\downloads 64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 52,00% Memory free 7,72 Gb Paging File | 5,74 Gb Available in Paging File | 74,37% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,73 Gb Total Space | 6,07 Gb Free Space | 12,46% Space Free | Partition Type: NTFS Drive N: | 1848,39 Gb Total Space | 1235,95 Gb Free Space | 66,87% Space Free | Partition Type: NTFS Drive O: | 1848,39 Gb Total Space | 1235,95 Gb Free Space | 66,87% Space Free | Partition Type: NTFS Drive S: | 1848,39 Gb Total Space | 1235,95 Gb Free Space | 66,87% Space Free | Partition Type: NTFS Drive Y: | 249,26 Gb Total Space | 51,74 Gb Free Space | 20,76% Space Free | Partition Type: NTFS Drive Z: | 48,73 Gb Total Space | 6,07 Gb Free Space | 12,46% Space Free | Partition Type: CSC-CACHE Computer Name: myPCName| User Name: myName | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.29 11:34:04 | 000,596,992 | ---- | M] (OldTimer Tools) -- Y:\Downloads\OTL (1).exe PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\myName\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012.02.01 15:51:19 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.02.01 15:51:18 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2012.02.01 15:51:18 | 000,340,136 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe PRC - [2012.02.01 15:51:18 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.12.01 15:53:44 | 001,083,137 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Avira Security Management Center Agent\agent.exe PRC - [2011.11.07 09:17:56 | 000,857,600 | ---- | M] (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET) -- Y:\prg\GO Contact Sync\GOContactSync.exe PRC - [2010.12.03 10:45:58 | 000,365,704 | ---- | M] (NovaStor) -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsService.exe PRC - [2010.11.03 13:00:37 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.10.28 11:11:36 | 000,251,256 | R--- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe PRC - [2010.01.22 23:23:00 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe PRC - [2010.01.22 23:22:04 | 000,129,584 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\vmware\vmware-tray.exe PRC - [2010.01.22 23:21:58 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe PRC - [2010.01.22 23:21:44 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\vmware\vmware-authd.exe PRC - [2010.01.22 22:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe PRC - [2010.01.20 17:49:04 | 000,308,640 | ---- | M] (Panasonic Corporation) -- C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe PRC - [2010.01.18 16:41:50 | 000,063,928 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe PRC - [2009.12.21 19:49:44 | 000,069,568 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe PRC - [2009.12.18 19:03:12 | 000,331,512 | ---- | M] (QUALCOMM, Inc.) -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe PRC - [2009.12.12 01:48:34 | 000,104,696 | ---- | M] () -- C:\Program Files (x86)\OpenVPN\bin\openvpn-gui-1.0.3.exe PRC - [2009.11.24 14:51:18 | 000,176,056 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe PRC - [2009.11.09 14:48:34 | 000,054,632 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\LENOVO\HOTKEY\CAMMUTE.exe PRC - [2009.10.01 17:14:30 | 000,144,752 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Zoom\TpScrex.exe PRC - [2009.07.20 05:00:00 | 000,077,824 | ---- | M] () -- Y:\prg\Logitech\SetPoint\x86\SetPoint32.exe PRC - [2009.05.15 12:37:00 | 000,206,128 | R--- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- Y:\prg\Spybot - Search & Destroy\TeaTimer.exe PRC - [2005.02.17 18:39:56 | 000,070,920 | ---- | M] (Micro Eye, Inc.) -- y:\prg\SpeedFiler\AddInMon.exe ========== Modules (No Company Name) ========== MOD - [2012.06.14 06:19:45 | 012,079,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\0fd7cd0503cdde3598c52680e7b1d36f\System.Web.ni.dll MOD - [2012.06.14 06:19:17 | 000,708,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\a4eededc9f387dcf28a46a0a9ba4f8e8\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dl l MOD - [2012.06.14 06:18:35 | 000,312,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\58a88bea16ee9a238264175e964535f2\Microsoft.Office.Tools.Outlook.Implementation.ni. dll MOD - [2012.06.14 06:18:34 | 000,152,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\2babd1e90c77c752c29731ac15df85d6\Microsoft.Office.Tools.Outlook.ni.dll MOD - [2012.06.14 06:18:33 | 000,864,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\e4dd83a34db1c7d0f4b3c79f02e52ee4\Microsoft.Office.Tools.Common.Implementation.ni.d ll MOD - [2012.06.14 06:18:32 | 000,336,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\879d2f2c48ac25c13e9ef20ba33fc47d\Microsoft.Office.Tools.Common.ni.dll MOD - [2012.06.14 06:18:17 | 001,880,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\e642f8e9415d53aa2bc08fc3af938236\System.Deployment.ni.dll MOD - [2012.06.14 06:05:29 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012.06.14 06:05:25 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012.06.13 23:31:34 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c06946b464ae8dd22151e0a6f310c976\System.Windows.Forms.ni.dll MOD - [2012.06.13 23:31:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\29e48cb144e24a7b4335d1360cc06642\System.Drawing.ni.dll MOD - [2012.05.11 10:31:51 | 001,925,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\9d1558dc7461282dca5d16909b245476\System.Web.Services.ni.dll MOD - [2012.05.11 10:24:18 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8f0cf05d2b1e46a772312143227cb6ed\System.Xml.Linq.ni.dll MOD - [2012.05.11 10:23:49 | 000,738,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\ce16b70193871e2b88d1ea784e5d57c0\Microsoft.VisualStudio.Tools.Applications.ServerD ocument.ni.dll MOD - [2012.05.11 10:23:49 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\878fd78d38f29bafbe239b7bf45bf6d9\Microsoft.VisualStudio.Tools.Applications.Hosting .ni.dll MOD - [2012.05.11 10:23:49 | 000,135,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\33fb305b8e4f61e1cd1a13584e91dce2\Microsoft.VisualStudio.Tools.Applications.Runtime .ni.dll MOD - [2012.05.11 10:22:57 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\14d064f179f910a8ce4df6004934aabc\Microsoft.Office.Tools.v4.0.Framework.ni.dll MOD - [2012.05.11 10:22:54 | 000,021,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\aa25ff5580e60cd15a13e83980d35583\Microsoft.Office.Tools.ni.dll MOD - [2012.05.11 07:54:55 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012.05.11 07:54:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012.05.11 07:54:50 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012.05.11 07:54:34 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012.05.10 17:35:00 | 001,616,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\4bacbc23cd4c0841cf4c18399b30b63c\Microsoft.CSharp.ni.dll MOD - [2012.05.10 17:34:59 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\67065dc691dbf9574b3c8e5ac6ec5246\System.Data.ni.dll MOD - [2012.05.10 17:34:54 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\3e4f9b3b78f0f13b7469a14e69d756ef\System.Core.ni.dll MOD - [2012.05.10 17:34:54 | 000,377,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\559594e862b578f3040446d7d4498cb7\System.Dynamic.ni.dll MOD - [2012.05.10 17:34:50 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bd2433e160ce2f19acc8ebe10babae8d\System.Xml.ni.dll MOD - [2012.05.10 17:34:48 | 000,736,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\4278bedb3086448c94c1e7f563325052\System.Security.ni.dll MOD - [2012.05.10 17:34:47 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\6711765f90c0082ec393943b924ed277\System.Configuration.ni.dll MOD - [2012.05.10 17:34:46 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9cf67ed1b743fbc3dd6b78fbc0595236\System.ni.dll MOD - [2012.05.10 17:34:42 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\1bdf7de454340e0ea9fc455aeaec49d9\mscorlib.ni.dll MOD - [2011.12.27 18:11:00 | 000,094,208 | ---- | M] () -- y:\prg\PhoneSuite_CTI_Client\ml_res.dll MOD - [2011.09.30 17:12:40 | 000,412,728 | ---- | M] () -- C:\Users\myName\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll MOD - [2011.09.30 17:12:39 | 003,696,184 | ---- | M] () -- C:\Users\myName\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll MOD - [2011.09.30 17:11:13 | 000,142,568 | ---- | M] () -- C:\Users\myName\AppData\Local\Google\Chrome\Application\14.0.835.202\avutil-51.dll MOD - [2011.09.30 17:11:12 | 000,253,320 | ---- | M] () -- C:\Users\myName\AppData\Local\Google\Chrome\Application\14.0.835.202\avformat-53.dll MOD - [2011.09.30 17:11:10 | 002,403,240 | ---- | M] () -- C:\Users\myName\AppData\Local\Google\Chrome\Application\14.0.835.202\avcodec-53.dll MOD - [2011.07.01 17:02:46 | 000,972,664 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.03.25 14:19:52 | 000,277,504 | ---- | M] () -- Y:\prg\SugarCRM\SugarOutlook\SQLite.dll MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010.12.21 02:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.02.21 18:33:46 | 000,094,208 | ---- | M] () -- y:\prg\FileZilla FTP Client\fzshellext.dll MOD - [2009.12.12 01:48:34 | 001,206,784 | ---- | M] () -- C:\Program Files (x86)\OpenVPN\bin\libeay32.dll MOD - [2009.12.12 01:48:34 | 000,104,696 | ---- | M] () -- C:\Program Files (x86)\OpenVPN\bin\openvpn-gui-1.0.3.exe MOD - [2009.07.20 05:00:00 | 000,077,824 | ---- | M] () -- Y:\prg\Logitech\SetPoint\x86\SetPoint32.exe MOD - [2009.02.26 19:18:08 | 000,099,160 | ---- | M] () -- Y:\prg\Microsoft Office\Office12\cpaoaddin.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012.02.02 18:14:36 | 000,336,248 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\FRITZ!Fernzugang\avmike.exe -- (avmike) SRV:64bit: - [2011.10.31 18:39:56 | 000,189,304 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe -- (nwtsrv) SRV:64bit: - [2011.10.31 18:39:42 | 000,143,736 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\FRITZ!Fernzugang\certsrv.exe -- (certsrv) SRV:64bit: - [2010.01.18 16:41:50 | 000,063,928 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe -- (TPHKSVC) SRV:64bit: - [2009.11.17 19:06:02 | 000,044,984 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe -- (LENOVO.MICMUTE) SRV:64bit: - [2009.11.09 14:48:34 | 000,054,632 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\LENOVO\HOTKEY\CAMMUTE.exe -- (LENOVO.CAMMUTE) SRV:64bit: - [2009.07.20 13:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2007.06.01 03:02:16 | 000,043,568 | ---- | M] (Lenovo) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC) SRV - [2012.06.29 09:40:40 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.06.19 14:48:23 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.02.01 15:51:19 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.02.01 15:51:18 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2012.02.01 15:51:18 | 000,340,136 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2012.02.01 15:51:18 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.12.01 15:53:44 | 001,083,137 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Avira Security Management Center Agent\agent.exe -- (AntiVir Security Management Center Agent) SRV - [2011.08.30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- y:\prg\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2010.12.03 10:45:58 | 000,365,704 | ---- | M] (NovaStor) [Auto | Running] -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsService.exe -- (nsService) SRV - [2010.11.14 14:27:28 | 000,179,200 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\ManagementServer.Agent.Service.exe -- (Backup Client Agent Service) SRV - [2010.10.28 11:11:36 | 000,251,256 | R--- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService) SRV - [2010.05.14 16:14:32 | 000,161,144 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist Express Customer\223\g2ax_service.exe -- (GoToAssist Express Customer) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.22 23:23:00 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2010.01.22 23:21:58 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010.01.22 23:21:44 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\vmware\vmware-authd.exe -- (VMAuthdService) SRV - [2010.01.22 22:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2009.12.18 19:03:12 | 000,331,512 | ---- | M] (QUALCOMM, Inc.) [Auto | Running] -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe -- (QDLService2kLenovo) Qualcomm Gobi 2000 Download Service (Lenovo) SRV - [2009.12.12 01:47:44 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService) SRV - [2009.10.12 15:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\vmware\vmware-ufad.exe -- (ufad-ws60) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.06.15 13:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.02.01 15:51:19 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.02.01 15:51:19 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.10.22 13:48:07 | 000,230,864 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:64bit: - [2011.07.05 21:44:42 | 000,412,024 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmnwim.sys -- (NWIM) DRV:64bit: - [2011.05.10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.08.11 15:39:24 | 000,034,880 | ---- | M] (Connectify) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\connctfy.sys -- (connctfyMP) DRV:64bit: - [2010.08.11 15:39:24 | 000,034,880 | ---- | M] (Connectify) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\connctfy.sys -- (connctfy) DRV:64bit: - [2010.07.06 20:52:52 | 000,168,544 | ---- | M] (SysProgs.org) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus) DRV:64bit: - [2010.06.22 04:37:38 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2010.06.10 08:04:50 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010.02.26 16:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2010.02.12 21:30:26 | 000,145,360 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2010.01.22 23:24:32 | 000,068,656 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2010.01.22 23:24:28 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd2) DRV:64bit: - [2010.01.22 23:24:26 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2010.01.22 23:24:26 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2010.01.22 22:00:44 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2010.01.22 18:13:00 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb) DRV:64bit: - [2010.01.22 18:12:58 | 000,045,104 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:64bit: - [2010.01.22 18:12:58 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2010.01.20 14:14:06 | 000,682,040 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2009.12.18 17:40:24 | 000,240,640 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcusbnetlno2k.sys -- (qcusbnetlno2k) Gobi 2000 USB-NDIS miniport(05C6-9205) DRV:64bit: - [2009.12.18 17:40:22 | 000,121,216 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcusbserlno2k.sys -- (qcusbserlno2k) Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205) DRV:64bit: - [2009.12.18 17:40:22 | 000,006,400 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcfilterlno2k.sys -- (qcfilterlno2k) Gobi 2000 USB Composite Device Filter Driver(05C6-9205) DRV:64bit: - [2009.12.18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2009.12.14 18:09:08 | 000,163,072 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877) DRV:64bit: - [2009.12.12 01:48:04 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2009.12.10 10:37:56 | 000,294,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel(R) DRV:64bit: - [2009.12.03 18:45:22 | 000,300,080 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.10.26 15:52:00 | 000,061,952 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci) DRV:64bit: - [2009.10.22 09:10:30 | 000,069,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:64bit: - [2009.10.22 09:09:12 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:64bit: - [2009.09.17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009.09.15 12:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R) DRV:64bit: - [2009.08.09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009.06.17 18:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2009.06.17 18:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2009.06.17 18:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd) DRV:64bit: - [2009.06.17 18:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb) DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2008.05.12 19:04:24 | 000,015,400 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi) DRV:64bit: - [2008.02.21 03:10:36 | 000,196,992 | ---- | M] (Omnivision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ov550ivx.sys -- (OV550I) DRV:64bit: - [2007.06.01 03:01:52 | 000,026,928 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV) DRV:64bit: - [2006.08.25 15:36:52 | 000,039,208 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrbsdrv.sys -- (cdrbsdrv) DRV - [2009.10.12 15:31:04 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\vmware\vstor2-ws60.sys -- (vstor2-ws60) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 16 0A 2B BD 7E 4E CB 01 [binary data] IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..\SearchScopes,DefaultScope = {E7D5A77F-3742-43AB-B506-1C328142AB57} IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..\SearchScopes\{6B7D5A67-CA6F-4505-98E2-2E8118C10CD2}: "URL" = hxxp://go.web.de/suchbox/ebay?query={searchTerms} IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..\SearchScopes\{7943EFEA-FE26-45B2-B12E-23E715EF85F6}: "URL" = hxxp://go.web.de/suchbox/google?q={searchTerms} IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..\SearchScopes\{E2750994-1EA2-497A-82BE-4437E022ADEA}: "URL" = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms} IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..\SearchScopes\{E7D5A77F-3742-43AB-B506-1C328142AB57}: "URL" = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms} IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://www.startpage.com/" FF - prefs.js..extensions.enabledItems: {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.2.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8 FF - prefs.js..extensions.enabledItems: IncredibleBookmarks@visibotech.com:0.7.3 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: artur.dubovoy@gmail.com:2.0.26 FF - prefs.js..extensions.enabledItems: netviewero2o@netviewero2o:1.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: Y:\prg\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPWMDRMWrapper: C:\Program Files (x86)\Videoload Manager\NPWMDRMWrapper.dll ( ) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( ) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: y:\prg\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\myName\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\myName\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.10.28 22:19:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: Y:\prg\Mozilla Firefox\components [2012.06.19 14:48:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: Y:\prg\Mozilla Firefox\plugins [2012.06.28 00:03:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.10\extensions\\Components: y:\prg\SeaMonkey\components [2012.06.09 10:45:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.10\extensions\\Plugins: y:\prg\SeaMonkey\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.10.28 22:19:35 | 000,000,000 | ---D | M] [2010.03.01 17:39:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\myName\AppData\Roaming\mozilla\Extensions [2012.06.29 09:59:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\myName\AppData\Roaming\mozilla\Firefox\Profiles\f81ynegu.default\extensions [2012.06.11 07:57:51 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\myName\AppData\Roaming\mozilla\Firefox\Profiles\f81ynegu.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2010.03.19 09:24:30 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Users\myName\AppData\Roaming\mozilla\Firefox\Profiles\f81ynegu.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB} [2010.10.27 08:58:53 | 000,000,000 | ---D | M] (Incredible Bookmarks) -- C:\Users\myName\AppData\Roaming\mozilla\Firefox\Profiles\f81ynegu.default\extensions\IncredibleBookmarks@visibotech.com [2012.06.29 09:59:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\myName\AppData\Roaming\mozilla\Firefox\Profiles\f81ynegu.default\extensions\staged [2012.06.22 17:35:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\myName\AppData\Roaming\mozilla\SeaMonkey\Profiles\qke3iag9.default\extensions [2012.06.22 17:35:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\myName\AppData\Roaming\mozilla\SeaMonkey\Profiles\qke3iag9.default\extensions\staged [2012.06.25 15:35:47 | 000,081,156 | ---- | M] () (No name found) -- C:\USERS\myName\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F81YNEGU.DEFAULT\EXTENSIONS\{6D96BB5E-1175-4EBF-8AB5-5F56F1C79F65}.XPI [2012.06.13 11:37:36 | 000,525,301 | ---- | M] () (No name found) -- C:\USERS\myName\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F81YNEGU.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI [2012.02.21 15:49:40 | 000,015,392 | ---- | M] () (No name found) -- C:\USERS\myName\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F81YNEGU.DEFAULT\EXTENSIONS\{966762EB-7132-4081-AC70-20D20161AD96}.XPI [2012.04.16 11:11:26 | 000,340,198 | ---- | M] () (No name found) -- C:\USERS\myName\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F81YNEGU.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI [2012.01.06 15:04:44 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\myName\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F81YNEGU.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.10.29 10:51:27 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\myName\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F81YNEGU.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI [2012.06.12 09:25:19 | 000,185,600 | ---- | M] () (No name found) -- C:\USERS\myName\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F81YNEGU.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\myName\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = Y:\prg\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Microsoft Office 2003 (Enabled) = Y:\prg\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\myName\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\myName\AppData\Local\Google\Chrome\Application\14.0.835.202\gears.dll CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = Y:\prg\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll CHR - plugin: fluxDVD Browser Plugin (Enabled) = C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll CHR - plugin: fluxDVD Placeholder Plugin (Enabled) = C:\Program Files (x86)\Videoload Manager\NPWMDRMWrapper.dll CHR - plugin: iTunes Application Detector (Enabled) = Y:\prg\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = y:\prg\VideoLAN\VLC\npvlc.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Entanglement = C:\Users\myName\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\ CHR - Extension: Google Analytics Opt-out Add-on (by Google) = C:\Users\myName\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh\0.9.0_0\ CHR - Extension: Poppit = C:\Users\myName\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\ O1 HOSTS File: ([2012.06.28 06:09:48 | 000,442,922 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 www.123fporn.info O1 - Hosts: 15215 more lines... O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (no name) - AutorunsDisabled - No CLSID value found. O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - y:\prg\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Deaktivierungs-Add-on für Browser von Google Analytics) - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll (Google, Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. O3 - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found. O3 - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe File not found O4:64bit: - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [vmware-tray] C:\Program Files (x86)\vmware\vmware-tray.exe (VMware, Inc.) O4 - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000..\Run: [GoogleContactSync] Y:\prg\GO Contact Sync\GOContactSync.exe (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET) O4 - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000..\Run: [SpybotSD TeaTimer] y:\prg\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\myName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2012.04.23 17:09:01 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\myName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\myName\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\myName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk = C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.) O4 - Startup: C:\Users\myName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenVPN GUI.lnk = C:\Program Files (x86)\OpenVPN\bin\openvpn-gui-1.0.3.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://Y:\prg\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Open with XmlPad - Y:\prg\WMHelp XmlPad\WmhASPP.dll (WMHelp Software) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://Y:\prg\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Open with XmlPad - Y:\prg\WMHelp XmlPad\WmhASPP.dll (WMHelp Software) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Y:\prg\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - y:\prg\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Program Files (x86)\vmware\x64\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Program Files (x86)\vmware\x64\vsocklib.dll (VMware, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\vmware\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\vmware\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..Trusted Domains: cleverreach.com ([novastor] http in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..Trusted Domains: google-analytics.com ([]http in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..Trusted Domains: novastor.com ([]http in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..Trusted Domains: novastor.com ([]https in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-2854375698-3784374130-2371189389-1000\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {00191E4B-49C2-48E2-A548-8F702D75622A} https://strtc.oracle.com/imtapp/res/jar/cnsload.cab (Reg Error: Key error.) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab (DLM Control) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5620FB50-84B1-4E75-BDF5-E524F6F52475}: DhcpNameServer = 192.168.242.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59559E20-243E-4F64-96DF-88DE86944D9E}: DhcpNameServer = 10.129.32.1 10.111.81.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6819F6FE-25D7-4314-93CD-044A5F63494C}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77ABF940-6D36-4CD8-95E2-D85AE6393E3F}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1193CDA-4318-4DAB-9092-627F9AB45E75}: NameServer = 10.129.32.1 10.111.81.129 O18:64bit: - Protocol\Handler\fluxhttp - No CLSID value found O18:64bit: - Protocol\Handler\fluxhttp\0x00000007 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\wmh - No CLSID value found O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax () O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax () O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\wmh {A1428E78-2D00-4590-A071-0CC9700A7768} - Y:\prg\WMHelp XmlPad\WmhASPP.dll (WMHelp Software) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\AutorunsDisabled: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{81ea7844-b780-11df-ac19-005056c00008}\Shell - "" = AutoRun O33 - MountPoints2\{81ea7844-b780-11df-ac19-005056c00008}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O33 - MountPoints2\{de78e5be-bcf3-11df-b101-de8d43c7e0c5}\Shell - "" = AutoRun O33 - MountPoints2\{de78e5be-bcf3-11df-b101-de8d43c7e0c5}\Shell\AutoRun\command - "" = E:\SETUP.EXE /AUTORUN O33 - MountPoints2\{de78e5be-bcf3-11df-b101-de8d43c7e0c5}\Shell\configure\command - "" = E:\SETUP.EXE O33 - MountPoints2\{de78e5be-bcf3-11df-b101-de8d43c7e0c5}\Shell\install\command - "" = E:\SETUP.EXE O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.06.29 11:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.06.29 11:38:27 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.06.29 11:38:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.06.28 07:11:13 | 000,000,000 | ---D | C] -- C:\Users\myName\AppData\Roaming\Malwarebytes [2012.06.28 07:11:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.06.28 06:07:48 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys [2012.06.28 06:04:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012.06.28 06:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012.06.28 00:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2012.06.28 00:28:56 | 000,000,000 | ---D | C] -- Y:\data\Documents\Simply Super Software [2012.06.28 00:03:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.06.21 16:00:06 | 000,000,000 | ---D | C] -- C:\Users\myName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\openAnalyzer [2012.06.20 13:47:38 | 000,000,000 | R--D | C] -- Y:\data\Desktop\Seaburg-8590 [2012.06.19 12:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraCompare [2012.06.19 12:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IDM Computer Solutions [2012.06.19 12:50:28 | 000,000,000 | ---D | C] -- C:\ProgramData\IDMComp [2012.06.19 12:50:22 | 000,000,000 | ---D | C] -- C:\Users\myName\AppData\Roaming\IDMComp [2012.06.19 10:51:55 | 004,034,048 | ---- | C] (SAP AG) -- C:\Windows\SysNative\librfc32.dll [2012.06.15 11:30:59 | 000,000,000 | ---D | C] -- C:\Users\myName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CheckAud Archiv-Viewer [2012.06.13 19:31:40 | 000,000,000 | ---D | C] -- C:\Users\myName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CheckAud for Data Analysis [2012.06.12 10:47:25 | 000,000,000 | ---D | C] -- C:\Users\myName\AppData\Local\Macromedia [2012.06.11 11:57:36 | 000,000,000 | ---D | C] -- C:\Users\myName\IBS Schreiber GmbH [2012.06.11 11:57:36 | 000,000,000 | ---D | C] -- C:\Users\myName\AppData\Roaming\IBS Schreiber GmbH [2012.06.09 10:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeaMonkey [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.29 11:38:29 | 000,001,097 | ---- | M] () -- C:\Users\myName\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2012.06.29 11:38:29 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012.06.29 11:35:39 | 000,015,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.29 11:35:39 | 000,015,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.29 11:29:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.29 11:27:07 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.06.29 11:26:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.29 09:56:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.06.28 06:09:48 | 000,442,922 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012.06.28 06:07:48 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys [2012.06.28 06:04:37 | 000,000,946 | ---- | M] () -- Y:\data\Desktop\Spybot - Search & Destroy.lnk [2012.06.28 06:04:37 | 000,000,848 | ---- | M] () -- C:\Users\myName\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2012.06.27 16:12:20 | 001,771,252 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.27 16:12:20 | 000,751,378 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.27 16:12:20 | 000,708,210 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.27 16:12:20 | 000,168,832 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.27 16:12:20 | 000,141,944 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.25 15:40:52 | 000,001,304 | ---- | M] () -- C:\Users\myName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2012.06.25 14:32:20 | 000,002,032 | -H-- | M] () -- Y:\data\Documents\Default.rdp [2012.06.19 12:51:02 | 000,002,030 | ---- | M] () -- C:\Users\myName\Application Data\Microsoft\Internet Explorer\Quick Launch\UltraCompare.lnk [2012.06.19 12:51:02 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\UltraCompare.lnk [2012.06.19 12:40:18 | 000,000,757 | ---- | M] () -- C:\Users\myName\_viminfo [2012.06.15 11:30:59 | 000,001,018 | ---- | M] () -- Y:\data\Desktop\CheckAud Archiv-Viewer.lnk [2012.06.15 11:22:26 | 000,001,050 | ---- | M] () -- C:\Users\myName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.06.15 08:04:11 | 000,004,235 | ---- | M] () -- Y:\data\Documents\Application.png [2012.06.14 06:00:47 | 000,461,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.13 19:31:40 | 000,000,917 | ---- | M] () -- Y:\data\Desktop\CheckAud for Data Analysis.lnk [2012.06.13 19:31:40 | 000,000,917 | ---- | M] () -- Y:\data\Desktop\CheckAud for Data Analysis.lnk [2012.06.13 18:16:26 | 000,000,126 | ---- | M] () -- Y:\data\Desktop\Theme Builder Anomalies- Themes Incompatible with PowerPoint 2010 and 2011 - PowerPoint, Presentations.url [2012.06.13 14:10:48 | 005,365,186 | ---- | M] () -- Y:\data\Desktop\Theme Creation Guide.pdf [2012.06.13 11:27:42 | 000,000,442 | ---- | M] () -- Y:\data\Desktop\TODO _ Analysis [2012.06.09 10:45:14 | 000,000,766 | ---- | M] () -- C:\Users\Public\Desktop\SeaMonkey.lnk [2012.06.09 10:45:14 | 000,000,766 | ---- | M] () -- C:\Users\myName\Application Data\Microsoft\Internet Explorer\Quick Launch\SeaMonkey.lnk [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.29 11:38:29 | 000,001,097 | ---- | C] () -- C:\Users\myName\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2012.06.29 11:38:29 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012.06.28 06:04:37 | 000,000,946 | ---- | C] () -- Y:\data\Desktop\Spybot - Search & Destroy.lnk [2012.06.28 06:04:37 | 000,000,848 | ---- | C] () -- C:\Users\myName\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2012.06.27 23:58:00 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.25 13:46:46 | 000,001,114 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.06.25 13:46:44 | 000,001,110 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.06.21 16:00:06 | 000,000,908 | ---- | C] () -- Y:\data\Desktop\openAnalyzer.lnk [2012.06.19 12:51:02 | 000,002,030 | ---- | C] () -- C:\Users\myName\Application Data\Microsoft\Internet Explorer\Quick Launch\UltraCompare.lnk [2012.06.19 12:51:02 | 000,002,006 | ---- | C] () -- C:\Users\Public\Desktop\UltraCompare.lnk [2012.06.19 12:40:18 | 000,000,757 | ---- | C] () -- C:\Users\myName\_viminfo [2012.06.15 11:30:59 | 000,001,018 | ---- | C] () -- Y:\data\Desktop\CheckAud Archiv-Viewer.lnk [2012.06.15 11:28:48 | 000,000,917 | ---- | C] () -- Y:\data\Desktop\CheckAud for Data Analysis.lnk [2012.06.15 08:04:11 | 000,004,235 | ---- | C] () -- Y:\data\Documents\Application.png [2012.06.13 19:31:40 | 000,000,917 | ---- | C] () -- Y:\data\Desktop\CheckAud for Data Analysis.lnk [2012.06.13 18:16:26 | 000,000,126 | ---- | C] () -- Y:\data\Desktop\Theme Builder Anomalies- Themes Incompatible with PowerPoint 2010 and 2011 - PowerPoint, Presentations.url [2012.06.13 14:10:48 | 005,365,186 | ---- | C] () -- Y:\data\Desktop\Theme Creation Guide.pdf [2012.06.12 12:52:43 | 000,045,958 | ---- | C] () -- Y:\data\Documents\hps_am_theme_saveFromPP.thmx [2012.06.12 12:50:50 | 000,016,417 | ---- | C] () -- Y:\data\Documents\hps_oa_theme.thmx [2012.06.12 12:47:42 | 000,016,417 | ---- | C] () -- Y:\data\Documents\hps_am_theme.thmx [2012.06.09 10:45:14 | 000,000,766 | ---- | C] () -- C:\Users\Public\Desktop\SeaMonkey.lnk [2012.06.09 10:45:14 | 000,000,766 | ---- | C] () -- C:\Users\myName\Application Data\Microsoft\Internet Explorer\Quick Launch\SeaMonkey.lnk [2012.01.05 10:05:29 | 000,000,097 | RHS- | C] () -- C:\ProgramData\1.12.0.lic [2011.11.05 21:52:17 | 000,036,864 | ---- | C] () -- C:\Windows\unslive.exe [2011.09.24 18:27:23 | 000,000,017 | ---- | C] () -- C:\Users\myName\AppData\Local\resmon.resmoncfg [2011.08.26 17:50:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.07.12 12:49:54 | 000,004,096 | -H-- | C] () -- C:\Users\myName\AppData\Local\keyfile3.drm [2011.06.15 13:06:55 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI [2011.04.27 11:16:16 | 000,000,030 | ---- | C] () -- C:\Windows\itps.ini [2010.12.22 18:36:27 | 000,000,092 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc [2010.11.23 23:36:11 | 000,145,192 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010.10.15 21:15:13 | 000,084,480 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010.08.06 23:17:30 | 000,000,099 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2010.05.25 20:41:56 | 000,017,408 | ---- | C] () -- C:\Users\myName\AppData\Local\WebpageIcons.db [2010.05.10 13:38:08 | 000,038,453 | ---- | C] () -- C:\Users\myName\AppData\Roaming\Microsoft Excel 97-2003.ADR [2010.04.09 09:27:24 | 000,013,015 | ---- | C] () -- C:\Users\myName\AppData\Roaming\Microsoft Excel 97-2003.CAL [2010.03.04 00:13:00 | 000,031,232 | ---- | C] () -- C:\Users\myName\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== LOP Check ========== [2012.02.28 18:10:20 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\.purple [2011.05.27 07:54:18 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\1&1 [2010.10.12 07:50:27 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\AllDup [2010.12.18 15:42:19 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Amazon [2011.04.18 07:01:36 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Audacity [2012.03.13 22:41:16 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\AVM [2010.03.02 12:46:53 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Axialis [2011.10.29 12:57:14 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Azureus [2011.10.29 12:57:14 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\DAEMON Tools Lite [2011.05.09 13:27:32 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Dexpot [2012.06.29 11:30:17 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Dropbox [2012.04.11 08:50:36 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\EXIF Date Changer [2011.04.14 08:33:31 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\FileZilla [2010.04.09 12:25:42 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Foxit Software [2012.05.29 09:10:37 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\GHISLER [2012.01.21 15:09:41 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\GoContactSyncMOD [2012.01.10 15:37:52 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\gtk-2.0 [2010.09.01 07:54:00 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\IObit [2012.05.29 09:10:37 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\IrfanView [2010.03.05 09:12:38 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\JAM Software [2010.08.23 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\JGsoft [2011.11.21 09:13:24 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Leadertech [2010.09.16 15:22:52 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Lutum+Tappert [2010.03.03 17:20:02 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\MZTools Software [2011.12.21 19:08:53 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\NASNaviator2 [2010.10.28 22:26:00 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Nokia [2012.05.29 09:10:36 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Notepad++ [2010.07.28 16:27:28 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Participatory Culture Foundation [2010.10.28 22:22:36 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\PC Suite [2012.03.14 10:50:32 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\PCF-VLC [2010.09.01 07:43:35 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\PersonalBrain [2011.08.24 08:11:23 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\PLANOUT [2011.01.02 11:56:59 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Publish Providers [2010.10.26 12:40:34 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Red Gate [2010.09.03 22:41:03 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\SongBeamer [2011.02.06 21:58:37 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Sony [2011.02.06 22:06:49 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Sony Creative Software Inc [2011.12.14 16:21:06 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\SpeedFiler [2011.04.12 10:00:04 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\SugarCRM [2010.05.25 14:34:53 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Swissrisk [2011.10.26 09:07:42 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\TeamViewer [2012.06.21 09:38:42 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\TeraCopy [2011.10.22 13:48:10 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\TrueCrypt [2010.10.19 10:03:01 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\WMHelp [2010.03.01 16:11:28 | 000,000,000 | ---D | M] -- C:\Users\myName\AppData\Roaming\Xerox [2012.05.02 07:52:24 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report > OTL Extras logfile created on: 29.06.2012 11:34:31 - Run 1 OTL by OldTimer - Version 3.2.53.0 Folder = Y:\downloads 64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 52,00% Memory free 7,72 Gb Paging File | 5,74 Gb Available in Paging File | 74,37% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,73 Gb Total Space | 6,07 Gb Free Space | 12,46% Space Free | Partition Type: NTFS Drive N: | 1848,39 Gb Total Space | 1235,95 Gb Free Space | 66,87% Space Free | Partition Type: NTFS Drive O: | 1848,39 Gb Total Space | 1235,95 Gb Free Space | 66,87% Space Free | Partition Type: NTFS Drive S: | 1848,39 Gb Total Space | 1235,95 Gb Free Space | 66,87% Space Free | Partition Type: NTFS Drive Y: | 249,26 Gb Total Space | 51,74 Gb Free Space | 20,76% Space Free | Partition Type: NTFS Drive Z: | 48,73 Gb Total Space | 6,07 Gb Free Space | 12,46% Space Free | Partition Type: CSC-CACHE Computer Name: NORDEN | User Name: myUser | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "y:\prg\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Mp3tag] -- "y:\prg\Mp3tag\Mp3tag.exe" "/fp:%1" (Florian Heidenreich) Directory [PlayWithVLC] -- "y:\prg\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "y:\prg\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Mp3tag] -- "y:\prg\Mp3tag\Mp3tag.exe" "/fp:%1" (Florian Heidenreich) Directory [PlayWithVLC] -- "y:\prg\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{102E089B-556E-4C4B-9DCD-1E7C0A4A323B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{27B6ABBE-805B-4D66-BA31-F3943818B2A3}" = rport=139 | protocol=6 | dir=out | app=system | "{548E7E41-C9EC-4E5F-89B3-2A20795A23D9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6618B9FD-2E6B-4942-B9D5-583ED57A1AE7}" = lport=7030 | protocol=6 | dir=in | name=avira security management center agent (incoming) | "{903B2C56-31C1-425B-9833-0A55F788EEE1}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{B0B5FC1C-9441-4117-BDD2-6805E9466EE6}" = lport=8081 | protocol=6 | dir=in | name=planout ports | "{C4D6FF66-0EEB-44F0-9D09-7EB901D9CB94}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01FB46E1-C82C-4293-9F02-703F91242B8B}" = protocol=17 | dir=in | app=y:\prg\hps\planungsmanager\resmgrw.exe | "{08701768-45A4-412C-8DED-7B4E10F4E04E}" = protocol=17 | dir=in | app=y:\prg\hps\planungsmanager\planoutw.exe | "{08EEDE8D-86F4-412C-87D5-823E4B3E854E}" = protocol=6 | dir=in | app=c:\program files (x86)\buffalo\nasnavi\nasnavi.exe | "{0A94CD0C-DC3E-4FF9-83AB-8A4FA4A1DDE3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{0D4B46F6-62E4-4A1A-9FA3-F8B19A339454}" = protocol=6 | dir=in | app=c:\users\myUser\appdata\roaming\dropbox\bin\dropbox.exe | "{118A771B-5D13-42F6-B802-C10FF22AEBB5}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe | "{13D8A0DF-2A8D-4D67-94D2-7190AD12B97E}" = protocol=6 | dir=in | app=y:\data\desktop\work\transfer hps\xgen\x-gen_3.5.0.5_prod\x-gen3.5.0.5\bin\windows\tclkit.exe | "{1ADBF8BF-5CBF-46FE-B5D6-F8D3152AE4CF}" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "{1CF7AE9D-CCCA-45BE-8D95-5968A8A4B363}" = protocol=17 | dir=in | app=y:\prg\netviewer\netviewer_support.exe | "{20D82F26-A099-4115-93F2-9B6E693BC659}" = protocol=6 | dir=in | app=c:\program files (x86)\avira\avira security management center agent\agent.exe | "{270DA0D0-39F8-402F-8DAA-06ABA7927EE0}" = protocol=17 | dir=in | app=y:\downloads\netviewer_support(4).exe | "{2BE85A76-32B7-42C3-BA84-10C3977D187E}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe | "{2BFA7DFF-4A39-4DA5-BFA7-661FEAC008D5}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware-authd.exe | "{30FC7810-70B7-45FD-AA34-ADD84A1C5FE1}" = protocol=17 | dir=in | app=c:\program files (x86)\buffalo\nasnavi\nasnavi.exe | "{392D4492-535E-49B9-9BF3-5BC05F1F7F73}" = protocol=17 | dir=in | app=c:\program files (x86)\totalcmd\totalcmd.exe | "{3E3E1A2F-89DC-48A7-9080-F6D64D50FD26}" = protocol=6 | dir=in | app=y:\prg\netviewer\netviewer_support.exe | "{3EEC4AC1-8E13-43AF-81B3-1C8F1D45184F}" = protocol=6 | dir=in | app=y:\prg\hps\planungsmanager\planoutw.exe | "{3F42C55F-3353-4CC6-8A46-B5A697F8708F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{4C27F916-184A-486E-93E6-795F7FA43E34}" = protocol=6 | dir=in | app=h:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe | "{4C7AE787-E46B-4F63-AFA4-48A0614033CD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{523F5F1F-BC1A-4628-AAA6-E677A1C77EE4}" = protocol=17 | dir=in | app=h:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe | "{534931BE-00B3-413E-B00A-41324AA824F6}" = protocol=6 | dir=in | app=f:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe | "{5566BA53-94BD-4825-8703-BF8E9C2B0938}" = protocol=6 | dir=in | app=c:\users\myUser\appdata\local\netviewer\netviewer_support.exe | "{56CF6FA8-96CB-4447-A1EC-8BE09A24C20A}" = protocol=6 | dir=in | app=c:\program files (x86)\totalcmd\totalcmd.exe | "{5E5F9481-3683-44BD-8C3B-EA95C99B5200}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | "{5EEC9825-867A-4479-AE29-E51D91798A44}" = protocol=6 | dir=in | app=y:\downloads\netviewer_support(2).exe | "{60794EBE-7A1A-492A-A5D3-78630196C64D}" = protocol=6 | dir=in | app=y:\prg\netviewer\nv_support_berater_de.exe | "{64C39FE1-F298-45A9-91E5-A5AADE5A48C0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{6C0AEC22-F6DB-47C5-91C0-CFEA709506BC}" = protocol=6 | dir=in | app=y:\downloads\netviewer_support.exe | "{7623E333-6CCA-47CA-A68F-056F7FB8DB1B}" = protocol=17 | dir=in | app=c:\program files (x86)\buffalo\nasnavi\nasnavi.exe | "{7890A128-4490-495B-8E8F-C842B540A4C4}" = protocol=6 | dir=in | app=y:\prg\teamviewer\version6\teamviewer_service.exe | "{789A4332-4910-4F66-A234-374D4577A4A6}" = protocol=6 | dir=in | app=y:\downloads\netviewer_support(4).exe | "{79760BB9-AA7F-4C42-877D-41E3861FDD5E}" = protocol=17 | dir=in | app=y:\downloads\netviewer_support.exe | "{7C256A16-68A1-4538-984A-0BF4DE850B13}" = protocol=6 | dir=in | app=y:\downloads\netviewer_support(3).exe | "{7C51FB82-1C8C-4912-9E16-53B505BBE50A}" = protocol=6 | dir=in | app=c:\users\myUser\appdata\local\netviewer\netviewer_support1.exe | "{81EE7350-7690-45EE-9082-3866D2E898E2}" = protocol=17 | dir=in | app=c:\program files (x86)\avira\avira security management center agent\agent.exe | "{83EB8E5F-9192-4E2A-B91A-EB32E0E8434F}" = protocol=6 | dir=in | app=y:\prg\mseven software\msecure\msecure.exe | "{8C7D3E63-856E-429E-A3FE-71FF4B42A09B}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | "{9033BEA1-828C-4DA5-86C9-D764FB917541}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{92D12F85-1BDC-44BA-A2F4-49FD966116B6}" = protocol=17 | dir=in | app=y:\downloads\netviewer_support(1).exe | "{95594378-DDED-486B-8BF5-4F850F40CAA2}" = protocol=17 | dir=in | app=c:\users\myUser\appdata\local\netviewer\netviewer_support.exe | "{99CF787D-D4FC-40FE-BA8F-55A40CB79311}" = protocol=17 | dir=in | app=y:\prg\teamviewer\version6\teamviewer.exe | "{9AB42C93-E7B5-4282-96B0-B2402E4911DC}" = protocol=6 | dir=in | app=c:\program files (x86)\buffalo\nasnavi\nasnavi.exe | "{9B6530EF-3AA6-4414-8BF6-213EC25C7895}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe | "{9DBA0EEC-D559-4A22-9517-2A591C18E876}" = protocol=17 | dir=in | app=c:\users\myUser\appdata\roaming\dropbox\bin\dropbox.exe | "{A21113BF-B5A9-4F0F-A8BD-B63215A3B656}" = protocol=6 | dir=in | app=y:\downloads\netviewer_support(1).exe | "{A2FCF7D3-570B-4D77-A652-27A4F7D9E873}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe | "{A84CE47F-5A20-4531-AB0A-248D5E6B1C96}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{AD901C93-5B21-4229-A850-F72431CC11C7}" = protocol=17 | dir=in | app=y:\downloads\netviewer_support(2).exe | "{ADC4EE5B-79AD-4519-92BF-4867E7F52F21}" = protocol=17 | dir=in | app=y:\prg\teamviewer\version6\teamviewer_service.exe | "{AE64498B-DC95-46C7-ACA1-56C31396CB58}" = protocol=6 | dir=in | app=c:\users\myUser\appdata\roaming\dropbox\bin\dropbox.exe | "{AF8D7000-6935-4DAB-AC8C-81FDFA87DD0F}" = protocol=17 | dir=in | app=y:\downloads\netviewer_support(3).exe | "{B50D96D9-E7CB-4485-BDE0-2BAD34567896}" = protocol=17 | dir=in | app=y:\prg\videolan\vlc\vlc.exe | "{BF5673E3-0759-4CA4-B0D9-909FD8ABE59F}" = protocol=17 | dir=in | app=c:\users\myUser\appdata\local\netviewer\netviewer_support1.exe | "{C4929E03-A11B-4B93-9CFC-8A452BE1E519}" = protocol=17 | dir=in | app=y:\prg\aoe\empires2.exe | "{C80D8687-EF69-4BBB-86B3-70DACFDB816B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{CA5593B9-E130-43B3-8EE5-6AB704074F6A}" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "{CE1D99CF-028C-48BF-B30F-BF1055681C66}" = protocol=17 | dir=in | app=c:\users\myUser\appdata\roaming\dropbox\bin\dropbox.exe | "{D3AD9920-C392-4B63-B5FA-0F7CF9A99BF8}" = protocol=17 | dir=in | app=y:\prg\filezilla ftp client\filezilla.exe | "{D3C3596C-3483-48CE-8232-AF340F32EA72}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware-authd.exe | "{D639A8E6-3462-4A44-B1BD-511D9653C051}" = protocol=17 | dir=in | app=y:\prg\netviewer\nv_support_berater_de.exe | "{D9258EA1-C017-44EA-80C4-FEE9C75600E2}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware-authd.exe | "{DC2A9386-4E0A-49E6-8C8E-0E3AF835B8B6}" = protocol=17 | dir=in | app=f:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe | "{DCC87AA3-7DD8-4C06-A5EC-4130941F35DE}" = protocol=6 | dir=in | app=y:\prg\aoe\empires2.exe | "{DF8648A2-1CB4-48E1-845C-55495B0B53C3}" = protocol=6 | dir=in | app=y:\prg\videolan\vlc\vlc.exe | "{EA5773D5-0BE7-42B6-B9F5-077F6FD86C0F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{EAFD8585-1263-47E1-A1BD-61D74BD08560}" = protocol=17 | dir=in | app=y:\prg\mseven software\msecure\msecure.exe | "{F10C9539-3E08-4B19-9481-45941249BDC1}" = protocol=17 | dir=in | app=y:\data\desktop\work\transfer hps\xgen\x-gen_3.5.0.5_prod\x-gen3.5.0.5\bin\windows\tclkit.exe | "{F328FDA7-B9D3-4802-AFAB-5F1C8F181D7D}" = protocol=6 | dir=in | app=y:\prg\filezilla ftp client\filezilla.exe | "{F49895E4-E16C-4DED-A97B-4F279D0F01F9}" = dir=in | app=y:\prg\itunes\itunes.exe | "{F82A3638-AA79-48CB-9E95-AB08CEE4950D}" = protocol=6 | dir=in | app=y:\prg\teamviewer\version6\teamviewer.exe | "{F89C764E-DE7A-4BA4-957F-1E34117DCE77}" = protocol=6 | dir=in | app=y:\prg\hps\planungsmanager\resmgrw.exe | "{F90D554B-FC1F-4B63-BEAA-9FD9F8C2464E}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware-authd.exe | "{FE4B48DF-3E66-4C16-A072-173AB1694A0C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "TCP Query User{01E69705-EAA1-4410-A055-56D7C8D5CA73}Y:\data\desktop\work\transfer hps\xgen\x-gen_3.5.0.5_prod\x-gen3.5.0.5\bin\windows\tclkit.exe" = protocol=6 | dir=in | app=y:\data\desktop\work\transfer hps\xgen\x-gen_3.5.0.5_prod\x-gen3.5.0.5\bin\windows\tclkit.exe | "TCP Query User{064953DB-7DC8-41BA-B26C-598DB9D47D96}F:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=f:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe | "TCP Query User{0A477924-471E-40C4-9270-E4308064E828}Y:\prg\hps\planungsmanager\resmgrw.exe" = protocol=6 | dir=in | app=y:\prg\hps\planungsmanager\resmgrw.exe | "TCP Query User{1D84477C-3359-4F92-BFD3-D2DECA5E425E}Y:\prg\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=y:\prg\videolan\vlc\vlc.exe | "TCP Query User{21EB13AC-2728-4644-89B3-DA7FB06C7780}Y:\downloads\netviewer_support(3).exe" = protocol=6 | dir=in | app=y:\downloads\netviewer_support(3).exe | "TCP Query User{33FF4FC3-588B-421A-8124-7919D9C33131}Y:\downloads\netviewer_support.exe" = protocol=6 | dir=in | app=y:\downloads\netviewer_support.exe | "TCP Query User{3BE3978E-4A52-4941-8F0C-95778C7DA874}Y:\prg\netviewer\netviewer_support.exe" = protocol=6 | dir=in | app=y:\prg\netviewer\netviewer_support.exe | "TCP Query User{46990C63-8B4B-4C5D-9EE3-44AEE1CD711D}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "TCP Query User{4C3A9BC9-07B0-4299-9E97-DC7F5B172FD5}Y:\prg\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=y:\prg\filezilla ftp client\filezilla.exe | "TCP Query User{5B373330-059D-4E65-97EE-AD6F39636CBA}H:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=h:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe | "TCP Query User{7675C748-B84D-412E-B2F7-9C4E22205018}Y:\prg\aoe\empires2.exe" = protocol=6 | dir=in | app=y:\prg\aoe\empires2.exe | "TCP Query User{802E3A5E-6968-480D-8C7C-4EAE0E4295B2}C:\users\myUser\appdata\local\netviewer\netviewer_support.exe" = protocol=6 | dir=in | app=c:\users\myUser\appdata\local\netviewer\netviewer_support.exe | "TCP Query User{803D250E-D833-4729-A35D-FB49315AB0B1}C:\users\myUser\appdata\local\netviewer\netviewer_support1.exe" = protocol=6 | dir=in | app=c:\users\myUser\appdata\local\netviewer\netviewer_support1.exe | "TCP Query User{9B9F9C4B-2F62-44DB-A4BC-CE1EB47E9C87}Y:\prg\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=y:\prg\mozilla firefox\firefox.exe | "TCP Query User{A2F8C943-A4F8-4AC5-9D55-2A4D5D5C5226}Y:\downloads\netviewer_support(2).exe" = protocol=6 | dir=in | app=y:\downloads\netviewer_support(2).exe | "TCP Query User{AC4F4ACF-AB81-4E18-8655-5CC741E2DF95}C:\windows\syswow64\xrsslm12.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\xrsslm12.exe | "TCP Query User{B76D8671-688E-4279-A14C-73BF698693E2}Y:\downloads\netviewer_support(1).exe" = protocol=6 | dir=in | app=y:\downloads\netviewer_support(1).exe | "TCP Query User{C41692AB-20E4-4B2D-8333-E26E0A714666}C:\program files (x86)\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\totalcmd\totalcmd.exe | "TCP Query User{C938D83F-16C1-4695-8252-8B16A2063330}Y:\prg\netviewer\nv_support_berater_de.exe" = protocol=6 | dir=in | app=y:\prg\netviewer\nv_support_berater_de.exe | "TCP Query User{CCBDDB30-7233-471D-A9CA-CBEE10C66E16}Y:\prg\mseven software\msecure\msecure.exe" = protocol=6 | dir=in | app=y:\prg\mseven software\msecure\msecure.exe | "TCP Query User{E9FBD102-91EE-4957-B21C-8ED672BA9BBD}Y:\downloads\netviewer_support(4).exe" = protocol=6 | dir=in | app=y:\downloads\netviewer_support(4).exe | "TCP Query User{F0D34B02-6B97-42B6-B696-0FE5009FFD72}Y:\prg\hps\planungsmanager\planoutw.exe" = protocol=6 | dir=in | app=y:\prg\hps\planungsmanager\planoutw.exe | "UDP Query User{0D6914E0-C5BD-49FD-80F5-4273997F0FDF}Y:\prg\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=y:\prg\mozilla firefox\firefox.exe | "UDP Query User{1654950D-8826-4635-8D75-D3098E36F968}Y:\prg\hps\planungsmanager\planoutw.exe" = protocol=17 | dir=in | app=y:\prg\hps\planungsmanager\planoutw.exe | "UDP Query User{17D86112-CB1A-4E97-8CBC-E01B515FAF25}Y:\downloads\netviewer_support(2).exe" = protocol=17 | dir=in | app=y:\downloads\netviewer_support(2).exe | "UDP Query User{402C8ADF-3F91-4393-B431-77FD48852E67}Y:\downloads\netviewer_support(3).exe" = protocol=17 | dir=in | app=y:\downloads\netviewer_support(3).exe | "UDP Query User{4F55A872-3BED-4153-A672-E117C821AB20}Y:\downloads\netviewer_support(1).exe" = protocol=17 | dir=in | app=y:\downloads\netviewer_support(1).exe | "UDP Query User{69CD4741-8BC7-4348-B934-938356272BB4}H:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=h:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe | "UDP Query User{75FA66C5-F109-4DEA-8AB8-A89BBFAF4F18}C:\program files (x86)\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\totalcmd\totalcmd.exe | "UDP Query User{7A5EF9ED-588E-4869-A01B-27B963FA3810}Y:\prg\hps\planungsmanager\resmgrw.exe" = protocol=17 | dir=in | app=y:\prg\hps\planungsmanager\resmgrw.exe | "UDP Query User{7A751DE6-65ED-47D8-97CC-F5D1BDAEF257}Y:\downloads\netviewer_support(4).exe" = protocol=17 | dir=in | app=y:\downloads\netviewer_support(4).exe | "UDP Query User{7B124A46-6D35-452D-BC89-FC001059E908}Y:\prg\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=y:\prg\videolan\vlc\vlc.exe | "UDP Query User{892007A8-CBD7-4CFC-A80C-1A8131D62675}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "UDP Query User{9BBA1CB6-E643-4FFF-8E68-40A8F7254A54}Y:\prg\mseven software\msecure\msecure.exe" = protocol=17 | dir=in | app=y:\prg\mseven software\msecure\msecure.exe | "UDP Query User{A5FF4F17-F2DF-4193-9DA1-34F0E246549A}C:\users\myUser\appdata\local\netviewer\netviewer_support1.exe" = protocol=17 | dir=in | app=c:\users\myUser\appdata\local\netviewer\netviewer_support1.exe | "UDP Query User{B1FD11D4-D877-47C8-97C4-27BEE4819AE1}Y:\data\desktop\work\transfer hps\xgen\x-gen_3.5.0.5_prod\x-gen3.5.0.5\bin\windows\tclkit.exe" = protocol=17 | dir=in | app=y:\data\desktop\work\transfer hps\xgen\x-gen_3.5.0.5_prod\x-gen3.5.0.5\bin\windows\tclkit.exe | "UDP Query User{BCE2206A-5962-4BE8-B5DC-A57E827FF797}Y:\prg\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=y:\prg\filezilla ftp client\filezilla.exe | "UDP Query User{D5C82903-43F2-4F8F-AD0B-E1328BDF841B}C:\users\myUser\appdata\local\netviewer\netviewer_support.exe" = protocol=17 | dir=in | app=c:\users\myUser\appdata\local\netviewer\netviewer_support.exe | "UDP Query User{D7EB8597-6112-4348-811B-2BB46F725082}Y:\prg\netviewer\nv_support_berater_de.exe" = protocol=17 | dir=in | app=y:\prg\netviewer\nv_support_berater_de.exe | "UDP Query User{DF06E282-214B-4262-8F90-26A64C4A4644}F:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=f:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe | "UDP Query User{DF8047CF-834B-4E3D-9902-8F991FEE8BC5}Y:\prg\netviewer\netviewer_support.exe" = protocol=17 | dir=in | app=y:\prg\netviewer\netviewer_support.exe | "UDP Query User{E63A7EF7-2BF4-40FF-A789-1E4AD0DB5D4D}C:\windows\syswow64\xrsslm12.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\xrsslm12.exe | "UDP Query User{F4B96ABB-C34D-43C6-8365-90F46097F497}Y:\downloads\netviewer_support.exe" = protocol=17 | dir=in | app=y:\downloads\netviewer_support.exe | "UDP Query User{FBF6D70C-6A34-4792-B9C5-3A8EFE80342B}Y:\prg\aoe\empires2.exe" = protocol=17 | dir=in | app=y:\prg\aoe\empires2.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1280B35E-22D6-4172-813A-8FF566456DEE}" = Microsoft SQL Server 2005 Tools (64-bit) "{18C5A65B-0A39-40B5-B958-63055AFAB65C}" = Microsoft SQL Server Setup Support Files (English) "{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit) "{26F1A218-3158-4107-B3A6-37FD61CEE969}" = Microsoft SQL Server 2005 (64-bit) "{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer "{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU "{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{5001E5BC-C9BF-4598-AB89-E7318C76C5F4}" = FRITZ!Fernzugang "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{62D2F823-0EAA-496D-B0F9-A869BFC51550}" = Microsoft SQL Server 2005 Backward compatibility "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client "{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2 "{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support "{BBBE35B2-9349-3C48-BD3D-F574B17C7924}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 "{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU "{C44218B2-EC4D-4EB9-A3E3-F8F4A46927EC}" = MySQL Connector/ODBC 5.1 "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes "{E0FE1E14-3A7A-4DB0-9FFA-0DD945AE84DB}" = HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät "{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0 "3932CA781A7894D20116FDF60F878301800EA8AB" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) "3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) "A5B98551C6BA1C24D2FDDFB2E1764339D449F74D" = Windows Driver Package - Intel (NETw5v64) net (09/15/2009 13.0.0.107) "B540836D57069F83653778772EE56C5408F1B192" = Windows Driver Package - Intel (NETw5s64) net (09/15/2009 13.0.0.107) "CCleaner" = CCleaner "CNXT_AUDIO_HDA" = Conexant 20585 SmartAudio HD "LENOVO.SMIIF" = Lenovo System Interface Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU "Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2 "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 (64-bit) "Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "MyDefrag v4.2.8_is1" = MyDefrag v4.2.8 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "OnScreenDisplay" = On Screen Display "Power Management Driver" = ThinkPad Power Management Driver "SynTPDeinstKey" = ThinkPad UltraNav Driver "TeraCopy_is1" = TeraCopy 2.12 "ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier "Totalcmd64" = Total Commander 64-bit (Remove or Repair) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}" = RICOH R5U230 Media Driver ver.2.06.02.02 "{08F32589-5E39-42B8-8BC5-6A8126ED2A70}" = Microsoft Visual C++ 2008 Redistributable Package "{091FACEE-A240-42D4-AD71-26E8DFB38F43}" = GO Contact Sync Mod "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}" = UltraCompare "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33 "{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1" = EXIF Date Changer v2.62 "{2AC9E096-C0EF-48B6-8347-C9520457BC58}" = SQL Prompt 4 "{2B69AD59-FA30-47fc-B950-FA27E7D16A73}_is1" = MZ-Tools 3.0 für VBA "{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime "{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}" = Vegas Movie Studio HD Platinum 10.0 "{47253CA3-91F3-474B-9EF0-0B64EBBA9FEE}" = NovaBACKUP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types "{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3 "{5C8A48CD-A931-48CE-89BF-944F19AFE0AD}" = SQL Search 1 "{5D2C47DC-3441-4438-84B4-4FE422C64EC5}" = SugarCRM Plug-in for Microsoft Excel "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package "{68BA90DE-424A-493E-B069-4EB33590C96C}" = Deaktivierungs-Add-on für Browser von Google Analytics "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{718CCDCB-A709-4781-8D64-27ADFB25827A}" = WMHelp XmlPad "{7238391B-4BF4-41D9-B13A-3592DA160FFC}" = SQL Packager 6 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{74480BA5-D91E-45E5-8DF7-0E5799CE8B48}" = mSecure "{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iPhone Explorer 2.1.2.3 "{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine "{81C9205D-3BC2-4059-A303-61405032A482}" = Xerox Network Scanner Utility2 "{8292F88E-2DB7-456B-A8F1-9079B7432A1E}" = DVD Architect Studio 5.0 "{84639CB3-04D4-4758-B1D0-82E531D21F59}" = HD Writer AE 2.0 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}" = HP Officejet Pro 8500 A910 Hilfe "{88EDDB8C-68A0-4C28-B89A-35A33A6E3FBE}" = SQL Backup 6 "{8944ED10-DBF2-4FA9-8B5D-D7E1B046C761}_is1" = ColdCut "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components "{90120000-00A7-0407-0000-0000000FF1CE}" = Kalenderdruck-Assistent für Microsoft Office Outlook 2007 "{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English) "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM "{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AD6E95E-ACA4-49C1-B7C5-84C7749EC1F1}" = NMath 5.1 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A05C0671-4A6F-4219-9039-C5C60A702BA3}" = SQL Doc 2 "{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects "{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation "{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AE09704D-9051-4C25-B940-77F889F0C93F}" = OVTScanner_Vista64 "{AE75AF6A-22AC-4497-AE20-9FA4F4B10050}" = Netviewer Support "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite "{BC77989B-4A2A-44CB-8E61-89FB0B71B98B}" = NMath Stats 3.4 "{C0FCA07F-AC31-4261-AFFD-A746F737ECD1}" = L+T EasyMap 9.3 "{C28F2126-8655-49BA-BA5E-0131404EA7C8}" = SugarOutlook "{C3CD17B4-08B0-492D-8A4C-81716D33E520}" = Integrated Camera Driver Installer Package Ver.1.1.0.19 "{CAE714C6-8EF2-4EDD-A244-C41AAA873944}" = SQL Dependency Tracker 2 "{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU "{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{D812E24D-4BD2-4140-93DD-7783B9162A36}" = SQL Multi Script 1 "{DD0B73DF-3B16-4729-9381-E5319A0B2875}" = Qualcomm Gobi 2000 Package for Lenovo "{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86 "{E38294D0-DF92-49A3-B36C-BFC1979CE782}" = SQL Compare 8 "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English "{E69BB189-4B20-46AE-93CF-59099F05FC3F}" = OutlookTools 2 "{EA73B482-3C8E-4FA7-B6A6-9D8E48E27920}" = SQL Data Compare 8 "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EC1399E4-A960-4101-B346-34A2A088633F}" = Theme Builder "{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater "{EFADD989-D9F2-49F6-A280-675951CC78D3}" = FRITZ!Box-Fernzugang einrichten "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint "{F3493E2F-B147-4EDD-9AE2-5DEDB8776232}" = Avira Security Management Center Agent "{FBDCDFA2-6950-46A1-B31E-B1B3DF08242B}" = Miro Video Converter "{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Age of Empires 2.0" = Microsoft Age of Empires II "AllDup_is1" = AllDup 1.7.13 "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9 "AnyPassword Pro_is1" = AnyPassword Pro 1.04 "Audacity_is1" = Audacity 1.2.6 "AudibleDownloadManager" = Audible Download Manager "Avira AntiVir Desktop" = Avira AntiVir Professional "B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind "Chapter Master_is1" = Chapter Master 1.2.5 "CheckAud Archiv-Viewer1.1" = CheckAud Archiv-Viewer "CheckAud for Data Analysis2.4" = CheckAud for Data Analysis "DivX Setup.divx.com" = DivX-Setup "DreamCoder for MySQL Enterprise Freeware Edition_is1" = DreamCoder for MySQL 6.0 "EditPad Pro 6" = Just Great Software EditPad Pro 6 v.6.5.2 "EURACOM 3D02" = EURACOM 3D02 "EURACOM 3D10.2F" = EURACOM 3D10.2F "ffdshow_is1" = ffdshow [rev 2946] [2009-05-15] "FileZilla Client" = FileZilla Client 3.3.2 "Foxit Reader" = Foxit Reader "GoToAssist Express Customer" = GoToAssist Express Customer 1.4.0.223 "hps mySoftware1.4" = hps mySoftware "hps mySoftware2.2" = hps mySoftware "hps mySoftware2.3" = hps mySoftware "hps mySoftware2.4" = hps mySoftware "hps Prüfungsmanager" = hps Prüfungsmanager "HotKeyz_is1" = HotKeyz 2.8.3 "IconWorkshop" = Axialis IconWorkshop 6.33 "InstallShield_{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}" = UltraCompare "IrfanView" = IrfanView (remove only) "JkDefragGUI 1.16" = JkDefragGUI 1.16 "LAME for Audacity_is1" = LAME v3.98.3 for Audacity "LKontoLb Kontonummernprüfung Entwickler" = LKontoLb Kontonummernprüfung Entwickler "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400 "MarkAble2_is1" = MarkAble 2.2.8 "Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package "Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime "Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Mp3tag" = Mp3tag v2.45a "Nokia Ovi Suite" = Nokia Ovi Suite "Notepad++" = Notepad++ "NovaBACKUP" = NovaBACKUP "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "OpenVPN" = OpenVPN 2.1.1 "PhoneSuite_CTI_Client (y|_prg_)" = PhoneSuite_CTI_Client (y:\prg\) "PowerGREP 3" = JGsoft PowerGREP 3 v.3.5.2 "RegexBuddy 3" = JGsoft RegexBuddy 3 v.3.3.0 "ScenalyzerLive" = ScenalyzerLive (entfernen) "SEABURG - 8590" = SEABURG - 8590 "SeaMonkey (2.10)" = SeaMonkey (2.10) "SpeedFiler" = SpeedFiler 2.0.0 "SyncBack_is1" = SyncBack "TeamViewer 6" = TeamViewer 6 "Totalcmd" = Total Commander (Remove or Repair) "TrueCrypt" = TrueCrypt "UltraSearch_is1" = UltraSearch V1.2 "UN060501" = BUFFALO NAS Navigator2 "Videoload Manager" = Videoload Manager 2.0.2192 "VirtualCloneDrive" = VirtualCloneDrive "VLC media player" = VLC media player 1.1.5 "VMware_Workstation" = VMware Workstation "WinCDEmu" = WinCDEmu "WinMerge_is1" = WinMerge 2.12.4 "Zattoo4" = Zattoo4 4.0.5 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2854375698-3784374130-2371189389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Google Chrome" = Google Chrome "GoToMeeting" = GoToMeeting 4.5.0.457 "hps NAS" = hps NAS "NumberScan" = NumberScan "STANLY Track" = STANLY Track "WinDirStat" = WinDirStat 1.1.2 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 27.06.2012 18:45:59 | Computer Name = NORDEN | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 27.06.2012 18:45:59 | Computer Name = NORDEN | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 8065 Error - 27.06.2012 18:45:59 | Computer Name = NORDEN | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8065 Error - 28.06.2012 01:21:37 | Computer Name = NORDEN | Source = MSSQLSERVER | ID = 17207 Description = FCB::Open: Operating system error 3(Das System kann den angegebenen Pfad nicht finden.) occurred while creating or opening file 'F:\pm_lkstade.mdf'. Diagnose and correct the operating system error, and retry the operation. Error - 28.06.2012 01:21:37 | Computer Name = NORDEN | Source = MSSQLSERVER | ID = 17204 Description = FCB::Open failed: Could not open file F:\pm_lkstade.mdf for file number 1. OS error: 3(Das System kann den angegebenen Pfad nicht finden.). Error - 28.06.2012 01:21:37 | Computer Name = NORDEN | Source = MSSQLSERVER | ID = 17207 Description = FileMgr::StartLogFiles: Operating system error 2(Das System kann die angegebene Datei nicht finden.) occurred while creating or opening file 'F:\pm_lkstade_2.ldf'. Diagnose and correct the operating system error, and retry the operation. Error - 28.06.2012 11:31:07 | Computer Name = NORDEN | Source = MSSQLSERVER | ID = 17207 Description = FCB::Open: Operating system error 3(Das System kann den angegebenen Pfad nicht finden.) occurred while creating or opening file 'F:\pm_lkstade.mdf'. Diagnose and correct the operating system error, and retry the operation. Error - 28.06.2012 11:31:07 | Computer Name = NORDEN | Source = MSSQLSERVER | ID = 17204 Description = FCB::Open failed: Could not open file F:\pm_lkstade.mdf for file number 1. OS error: 3(Das System kann den angegebenen Pfad nicht finden.). Error - 28.06.2012 11:31:08 | Computer Name = NORDEN | Source = MSSQLSERVER | ID = 17207 Description = FileMgr::StartLogFiles: Operating system error 2(Das System kann die angegebene Datei nicht finden.) occurred while creating or opening file 'F:\pm_lkstade_2.ldf'. Diagnose and correct the operating system error, and retry the operation. Error - 28.06.2012 12:28:33 | Computer Name = NORDEN | Source = MsiInstaller | ID = 11001 Description = Error - 29.06.2012 05:27:45 | Computer Name = NORDEN | Source = MSSQLSERVER | ID = 17207 Description = FCB::Open: Operating system error 3(Das System kann den angegebenen Pfad nicht finden.) occurred while creating or opening file 'F:\pm_lkstade.mdf'. Diagnose and correct the operating system error, and retry the operation. Error - 29.06.2012 05:27:45 | Computer Name = NORDEN | Source = MSSQLSERVER | ID = 17204 Description = FCB::Open failed: Could not open file F:\pm_lkstade.mdf for file number 1. OS error: 3(Das System kann den angegebenen Pfad nicht finden.). Error - 29.06.2012 05:27:46 | Computer Name = NORDEN | Source = MSSQLSERVER | ID = 17207 Description = FileMgr::StartLogFiles: Operating system error 2(Das System kann die angegebene Datei nicht finden.) occurred while creating or opening file 'F:\pm_lkstade_2.ldf'. Diagnose and correct the operating system error, and retry the operation. [ Red Gate Software Events ] Error - 02.05.2012 02:50:04 | Computer Name = NORDEN | Source = SQL Prompt 4 | ID = 0 Description = 2012-05-02 08:50:04,414 [11] ERROR RedGate.SqlPrompt.Engine.LogService [(null)] - LogService caught unhandled exception in AppDomain: 'Der Thread wurde abgebrochen.' System.Threading.ThreadAbortException: Der Thread wurde abgebrochen. bei RedGate.SQLPrompt.CommonUI.TaskExecuter.Executer.a() bei System.Threading.ThreadHelper.ThreadStart_Context(Object state) bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) bei System.Threading.ThreadHelper.ThreadStart() Error - 03.05.2012 10:56:28 | Computer Name = NORDEN | Source = SQL Prompt 4 | ID = 0 Description = 2012-05-03 16:56:28,780 [11] ERROR RedGate.SqlPrompt.Engine.LogService [(null)] - LogService caught unhandled exception in AppDomain: 'Der Thread wurde abgebrochen.' System.Threading.ThreadAbortException: Der Thread wurde abgebrochen. bei RedGate.SQLPrompt.CommonUI.TaskExecuter.Executer.a() bei System.Threading.ThreadHelper.ThreadStart_Context(Object state) bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) bei System.Threading.ThreadHelper.ThreadStart() Error - 04.05.2012 07:48:47 | Computer Name = NORDEN | Source = SQL Prompt 4 | ID = 0 Description = 2012-05-04 13:48:47,666 [11] ERROR RedGate.SqlPrompt.Engine.LogService [(null)] - LogService caught unhandled exception in AppDomain: 'Der Thread wurde abgebrochen.' System.Threading.ThreadAbortException: Der Thread wurde abgebrochen. bei RedGate.SQLPrompt.CommonUI.TaskExecuter.Executer.a() bei System.Threading.ThreadHelper.ThreadStart_Context(Object state) bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) bei System.Threading.ThreadHelper.ThreadStart() Error - 08.05.2012 05:53:53 | Computer Name = NORDEN | Source = SQL Prompt 4 | ID = 0 Description = 2012-05-08 11:53:53,528 [11] ERROR RedGate.SqlPrompt.Engine.LogService [(null)] - LogService caught unhandled exception in AppDomain: 'Der Thread wurde abgebrochen.' System.Threading.ThreadAbortException: Der Thread wurde abgebrochen. bei RedGate.SQLPrompt.CommonUI.TaskExecuter.Executer.a() bei System.Threading.ThreadHelper.ThreadStart_Context(Object state) bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) bei System.Threading.ThreadHelper.ThreadStart() Error - 14.05.2012 15:27:10 | Computer Name = NORDEN | Source = SQL Prompt 4 | ID = 0 Description = 2012-05-14 21:27:10,566 [11] ERROR RedGate.SqlPrompt.Engine.LogService [(null)] - LogService caught unhandled exception in AppDomain: 'Der Thread wurde abgebrochen.' System.Threading.ThreadAbortException: Der Thread wurde abgebrochen. bei RedGate.SQLPrompt.CommonUI.TaskExecuter.Executer.a() bei System.Threading.ThreadHelper.ThreadStart_Context(Object state) bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) bei System.Threading.ThreadHelper.ThreadStart() Error - 31.05.2012 11:39:51 | Computer Name = NORDEN | Source = SQL Prompt 4 | ID = 0 Description = 2012-05-31 17:39:51,391 [11] ERROR RedGate.SqlPrompt.Engine.LogService [(null)] - LogService caught unhandled exception in AppDomain: 'Der Thread wurde abgebrochen.' System.Threading.ThreadAbortException: Der Thread wurde abgebrochen. bei RedGate.SQLPrompt.CommonUI.TaskExecuter.Executer.a() bei System.Threading.ThreadHelper.ThreadStart_Context(Object state) bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) bei System.Threading.ThreadHelper.ThreadStart() Error - 05.06.2012 10:27:52 | Computer Name = NORDEN | Source = SQL Prompt 4 | ID = 0 Description = 2012-06-05 16:27:52,776 [11] ERROR RedGate.SqlPrompt.Engine.LogService [(null)] - LogService caught unhandled exception in AppDomain: 'Der Thread wurde abgebrochen.' System.Threading.ThreadAbortException: Der Thread wurde abgebrochen. bei RedGate.SQLPrompt.CommonUI.TaskExecuter.Executer.a() bei System.Threading.ThreadHelper.ThreadStart_Context(Object state) bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) bei System.Threading.ThreadHelper.ThreadStart() Error - 06.06.2012 04:15:55 | Computer Name = NORDEN | Source = SQL Prompt 4 | ID = 0 Description = 2012-06-06 10:15:55,949 [11] ERROR RedGate.SqlPrompt.Engine.LogService [(null)] - LogService caught unhandled exception in AppDomain: 'Der Thread wurde abgebrochen.' System.Threading.ThreadAbortException: Der Thread wurde abgebrochen. bei RedGate.SQLPrompt.CommonUI.TaskExecuter.Executer.a() bei System.Threading.ThreadHelper.ThreadStart_Context(Object state) bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) bei System.Threading.ThreadHelper.ThreadStart() Error - 08.06.2012 08:25:07 | Computer Name = NORDEN | Source = SQL Prompt 4 | ID = 0 Description = 2012-06-08 14:25:07,657 [11] ERROR RedGate.SqlPrompt.Engine.LogService [(null)] - LogService caught unhandled exception in AppDomain: 'Der Thread wurde abgebrochen.' System.Threading.ThreadAbortException: Der Thread wurde abgebrochen. bei RedGate.SQLPrompt.CommonUI.TaskExecuter.Executer.a() bei System.Threading.ThreadHelper.ThreadStart_Context(Object state) bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) bei System.Threading.ThreadHelper.ThreadStart() Error - 12.06.2012 11:36:33 | Computer Name = NORDEN | Source = SQL Prompt 4 | ID = 0 Description = 2012-06-12 17:36:33,677 [11] ERROR RedGate.SqlPrompt.Engine.LogService [(null)] - LogService caught unhandled exception in AppDomain: 'Der Thread wurde abgebrochen.' System.Threading.ThreadAbortException: Der Thread wurde abgebrochen. bei RedGate.SQLPrompt.CommonUI.TaskExecuter.Executer.a() bei System.Threading.ThreadHelper.ThreadStart_Context(Object state) bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) bei System.Threading.ThreadHelper.ThreadStart() [ System Events ] Error - 28.06.2012 01:22:16 | Computer Name = NORDEN | Source = DCOM | ID = 10016 Description = Error - 28.06.2012 11:30:04 | Computer Name = NORDEN | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error - 28.06.2012 11:30:11 | Computer Name = NORDEN | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error - 28.06.2012 11:31:26 | Computer Name = NORDEN | Source = DCOM | ID = 10016 Description = Error - 29.06.2012 05:26:42 | Computer Name = NORDEN | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error - 29.06.2012 05:27:01 | Computer Name = NORDEN | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?29.?06.?2012 um 10:10:52 unerwartet heruntergefahren. Error - 29.06.2012 05:26:52 | Computer Name = NORDEN | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error - 29.06.2012 05:28:13 | Computer Name = NORDEN | Source = DCOM | ID = 10016 Description = Error - 29.06.2012 05:28:27 | Computer Name = NORDEN | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SBSD Security Center Service erreicht. Error - 29.06.2012 05:28:27 | Computer Name = NORDEN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "SBSD Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 < End of report > |
hi vllt bin ich ja da altmodisch, aber ich dachte immer wenn man ein problem hatt, beschreibt man es erst mal, wie sollen wir sonst arbeiten :-) |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 15:32 Uhr. |
Copyright ©2000-2025, Trojaner-Board