| JasonVorhees | 28.08.2012 18:04 |
Hi,Danke;)
der Malewarebites log stehr ja bereits im ersten post der sollte ausreichen oder?
hier der Rest:
OTL Extras:OTL Logfile: Code:
OTL logfile created on: 28.08.2012 18:36:50 - Run 5
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\standard\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 58,63% Memory free
5,99 Gb Paging File | 4,57 Gb Available in Paging File | 76,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 452,99 Gb Total Space | 385,39 Gb Free Space | 85,08% Space Free | Partition Type: NTFS
Drive E: | 7,40 Gb Total Space | 4,30 Gb Free Space | 58,06% Space Free | Partition Type: FAT32
Computer Name: XXX-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\standard\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\standard\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
PRC - c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Siemens\sws\almsrv\almsrvx.exe (SIEMENS AG)
PRC - C:\Programme\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Programme\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Programme\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
MOD - C:\Users\standard\AppData\Local\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
========== Services (SafeList) ==========
SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (MSSQL$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (SQLAgent$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
SRV - (SQLBrowser) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (almservice) -- C:\Programme\Common Files\Siemens\sws\almsrv\almsrvx.exe (SIEMENS AG)
SRV - (Secunia PSI Agent) -- C:\Programme\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Programme\Secunia\PSI\sua.exe (Secunia)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MSSQLServerADHelper100) -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (catchme) -- C:\Users\xxx\AppData\Local\Temp\catchme.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (RsFx0105) -- C:\Windows\System32\drivers\RsFx0105.sys (Microsoft Corporation)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (VSPerfDrv100) -- C:\Programme\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WINUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (k57nd60x) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 01 5A 3B 79 04 1F CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100471&mntrId=c40826c8000000000000001f16a7ec87
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.06.04 09:46:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files\Object\facetheme
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.30 18:04:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.20 16:25:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.06.04 09:46:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files\Object\facetheme
[2011.06.01 20:14:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2012.04.21 20:10:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ds8wnvyu.default\extensions
[2012.04.21 20:10:22 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ds8wnvyu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.03 13:56:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.03.03 13:56:13 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.06.01 21:30:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011.09.29 09:09:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.09.29 03:30:22 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011.08.15 13:10:10 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.09.29 03:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.09.29 03:30:22 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011.09.29 03:30:22 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011.09.29 03:30:22 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2011.10.20 20:04:35 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Programme\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe ()
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-5NS16.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EDC4998-C384-40AA-8981-4F1B09150A09}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{999EECD6-D880-48C0-A11A-E354A2C3EE81}: DhcpNameServer = 172.30.251.2
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.16 13:15:09 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.16 13:15:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.16 13:15:08 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.08.16 13:15:08 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.16 13:15:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.16 13:15:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.16 13:15:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.16 12:20:39 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012.08.16 12:20:35 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.16 12:20:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
========== Files - Modified Within 30 Days ==========
[2012.08.28 18:00:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.28 17:40:13 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTILiveUpdate.dll
[2012.08.28 17:38:08 | 000,763,042 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.28 17:38:08 | 000,718,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.28 17:38:08 | 000,173,396 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.28 17:38:08 | 000,146,342 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.28 17:25:56 | 000,016,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.28 17:25:56 | 000,016,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.28 17:18:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.28 17:18:18 | 2411,859,968 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.18 09:00:14 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.18 09:00:14 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.18 08:43:12 | 000,448,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2012.07.23 19:57:09 | 000,711,240 | ---- | C] () -- C:\Windows\is-5NS16.exe
[2012.01.19 16:31:53 | 000,000,080 | ---- | C] () -- C:\Windows\wiso.ini
[2011.08.15 13:10:16 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011.08.05 09:29:48 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011.08.05 09:29:48 | 000,000,074 | ---- | C] () -- C:\Windows\PidList.ini
[2011.08.05 09:29:47 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe
[2011.08.01 09:47:40 | 000,000,000 | ---- | C] () -- C:\Users\xxx\defogger_reenable
[2011.07.15 16:24:23 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.07.15 16:09:46 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2011.06.28 19:28:11 | 000,578,560 | ---- | C] () -- C:\Windows\System32\DLL_MHJProperties.dll
[2011.06.28 19:28:03 | 000,804,864 | ---- | C] () -- C:\Windows\System32\WS7_S7AG.dll
[2011.06.17 14:28:06 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.06.04 09:42:15 | 000,226,417 | ---- | C] () -- C:\Windows\hpoins18.dat
[2011.06.04 09:42:15 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2011.06.01 23:37:20 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 28.08.2012 18:36:50 - Run 5
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\standard\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 58,63% Memory free
5,99 Gb Paging File | 4,57 Gb Available in Paging File | 76,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 452,99 Gb Total Space | 385,39 Gb Free Space | 85,08% Space Free | Partition Type: NTFS
Drive E: | 7,40 Gb Total Space | 4,30 Gb Free Space | 58,06% Space Free | Partition Type: FAT32
Computer Name: XXX-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04C336F1-4B01-4D8A-AE48-8C968F964497}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D3C1DBF-D4D4-4746-B3BA-F39CB1C77EE8}" = lport=139 | protocol=6 | dir=in | app=system |
"{25AF6915-65A7-422A-AD2C-E3721B740ADC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2FF48AA8-E7C8-4675-8B79-F3BAC2B8FACC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{35CEA573-6C67-4BEB-BC04-DCE364460F68}" = rport=10243 | protocol=6 | dir=out | app=system |
"{37AC913B-AC82-40F8-A929-37ABEE7CB621}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3BF4E8B9-E36C-41F2-AB4C-CDE60F5A06CF}" = rport=137 | protocol=17 | dir=out | app=system |
"{461A7831-539C-4C7F-BE72-6F8FC38BF116}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{59074422-B0C9-4234-9BDB-CD11B156A4B0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5C5DB515-41A6-4544-902B-D9763A9FB850}" = rport=138 | protocol=17 | dir=out | app=system |
"{6068197E-225C-459E-A954-C92E6D3CDF67}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{66ABB918-B466-4C06-BCAC-07C4DD637C0C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C65B1A0-22F6-45F2-B8B5-8C02FAF65B66}" = rport=445 | protocol=6 | dir=out | app=system |
"{A1DD36BA-9C43-4E0A-B481-42DBE2898796}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A919435F-2B36-4E28-BF65-6C966B2B85CC}" = rport=139 | protocol=6 | dir=out | app=system |
"{B9A85D4C-46DA-4E31-9F60-BCCFB6345DF0}" = lport=137 | protocol=17 | dir=in | app=system |
"{C0542247-D196-4A58-9DE9-EE0746A6A8AD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C0921981-5B99-4D1D-8F91-2C2B5283F553}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C839CA22-9997-4BA7-8AA0-3F82A6D54506}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C9B68126-C0A5-4967-B363-D201835C294F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E677BA18-7C6C-4578-9C30-A2EB592679E3}" = lport=445 | protocol=6 | dir=in | app=system |
"{F314DDA8-605D-41EB-929A-AD6A2E21F3A5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F71830B5-D22C-4684-836E-624AF1BFABEB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FEC8F642-A148-4405-9074-E13938E276A0}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042C282F-5DE4-4F9F-8D9D-5157BF7C1CC6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{06003F85-0439-4654-BDA1-9B7DE9BDABA3}" = protocol=6 | dir=out | app=system |
"{079ED2C4-3790-458A-83FA-A9C82B754519}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{0A6A9D0D-775D-4136-929A-4B1D6D450BCD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{0AE4AB24-C83F-4246-8257-77FEE6AD97D5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0B2C53C3-7FC8-4690-996F-0C301CF548E1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{0D0CE584-C670-4316-8868-7EB19FDE5A25}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0E20155F-1D6B-4817-8149-3E92D0C71FC1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{14996BD9-CEC6-4A8B-A7B1-E1463538556E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1785DC06-8BB3-4FA5-B8A9-0C47BF143691}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{19B02943-7194-4EF9-B6C4-F3F946F93B2B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{1C07FEB2-899A-4D2A-91FB-5379D3AC255D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{200F7396-D540-4EB3-81AA-BE97B8AEF43F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{20F7F8DD-FB1C-434F-8DB2-2C5193A7710F}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{27CEF8D5-2AEE-423F-B833-2FBBFE21BAC8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{28F079C0-236E-4340-8C1C-C3668A87BCFF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{3319F6B4-185B-462E-B480-21B9418F7B67}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3B6625B1-5F91-465C-9104-073C7789DC99}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{45568645-ECE0-448A-873B-6648012FD302}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{45B78CBE-61D8-4701-B758-A1E180B2A00A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4A55599C-6146-433E-922D-5BC204FBB32A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4B4376B0-A6E0-411E-AE2F-6F36B306FA5A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4E34E7B0-79AC-43B0-8024-DD6AF0A3560D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5194E837-FDD8-49B8-8DBF-CAE3D47FC407}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{56BAB1ED-5A56-4A8B-94A8-BF55891CC19F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5AE4512F-8E00-49B2-B94D-CAF9F8ECE461}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E232A90-1CC5-4573-801E-C468A7C2D75B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{5EF64AF9-86CC-4953-8F9D-D8264DB8C8A7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{5FF89F07-D094-4F10-A4A8-028486C88C0D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{63BAA3D5-04DE-414A-8EE8-21A00D2A1668}" = dir=in | app=c:\program files\common files\siemens\sws\almsrv\almsrvx.exe |
"{64A051F8-1ABF-4620-ADA0-1ECA2B3D6EE9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6504F5F5-1BE3-4380-B8F4-68FAA5EA36B1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6592D92D-BC39-4CA3-B3EB-5467C9D17DFE}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6810DF66-C533-4D7F-9E07-2A8808E0F7B6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{68A771C4-757D-4345-92DC-4D84E4741AA7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6A52D84E-BD7E-4E6E-8C18-0FB43E67D08F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{6DB623D4-E022-4A2C-9CDE-F2880B07F3BD}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{777E976E-35A3-46B7-B3E9-B5A446634984}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7B3F8B2C-1B0E-4427-A421-F33AC090D209}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7C5AE87A-4C55-496B-AA9B-EBDD4CD077C5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{86E9666D-8ED4-45CB-8AC1-6850466CDF8B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{8BBD575C-4FAA-4C15-9307-FE2EE71DB324}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8C4B744E-6CA7-4345-810F-ED66DFB5C8A2}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8C6BE9D1-9080-4F2F-83E7-DD158571275F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8CF89CF6-4C0E-4905-9295-DC89A486A02C}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{8E996630-3437-4808-BE9E-A2EC7056819F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{921BB884-8E66-4EB1-A40A-74B85AC191D7}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{94216B95-3930-4D7D-ADAE-18F9266B47C1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AD00928C-90CA-46A5-847B-9C0AA94C58CD}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AFC8F3C2-632F-437F-A771-864FEBBDD887}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{B4B70BEF-FE3F-4B4F-ACFB-7FFCE97F672B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{B8D8912F-C1E1-4B4D-9BF1-A782578491AE}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{BA2D3159-FC90-4838-90B1-B4C9EFA7D3AC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{C4FF4993-1AC1-4EEB-88F9-C3DAAA31AD5A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C75B739C-D6AA-4A01-AA1F-285CF0B454BA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C8B4A3AA-0643-4AFD-97C1-E7873602757C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CBDE5980-8DDA-40BF-9B45-63302EC70248}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CDA373F9-E9FF-4789-B00B-F0BA9E3C76A6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{CF9D6FBD-51DB-4A98-86A3-A1E35F25F88F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CFA04427-5E8E-4EFE-B4A0-CC23A55CE5BD}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D1C9E557-26AC-4715-947C-F1A9E720D0A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D1FD18AE-4DA8-4BED-AB70-4FF14DF86FE5}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{D7A1663A-1269-4E19-94AD-4A7D33A467D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8162778-3482-4EEA-9C15-1C2FBF6733B6}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DA792D67-EF1F-40F6-8FD3-4A10E88545AC}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DC416B3C-B732-4C28-BD2C-9DF38BDCBB3E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DED4B377-0398-47BA-8CDC-6F3EA46E5E70}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{E227E674-F7DB-41A0-B922-BCDA43835BEA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E595D57C-2183-4F19-B5C1-3BB482E7146A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E66E1ECA-A0F6-4CB8-A541-3B5944F71E80}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E78BE0B8-1A94-4E41-B0E8-C033E93805B5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{ED71CB5F-4D32-4F40-9D46-61CB322B59F0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{ED89540A-1650-42E0-AB78-055A10FEFA37}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{F02569AE-F0D6-4E0A-9004-0DFF47F991DC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F26CAF84-E9C3-42EB-AA3B-AF2B224137BD}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F273B918-3FCF-4960-AAD4-676EA330DFFA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F8BE6BB0-5EC5-411E-9364-BE4EFF53A7E1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FCC0520F-4FD3-418F-AB7B-8715D8B14C68}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{FD03F0D4-CFF6-4837-8759-D39121D456DB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{FD2E0160-1FE3-4334-82EA-7F3308DD6CDB}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"TCP Query User{0891181F-2B94-41BC-AFA9-2F68D978C6A6}C:\programdata\siemens\sinutrainoperate\04.04\hmi\snck\ncu01\siemens\sinumerik\snck\sncksl.exe" = protocol=6 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\snck\ncu01\siemens\sinumerik\snck\sncksl.exe |
"TCP Query User{468F5600-AE8A-4075-A960-9BC1A36CDFFE}C:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe" = protocol=6 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe |
"TCP Query User{485A9711-BCB7-49D2-8E58-633A4D384417}C:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe" = protocol=6 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe |
"TCP Query User{60674A1B-C909-4D89-8ADB-8E0974138531}C:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe" = protocol=6 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe |
"TCP Query User{80B3269A-9B8C-474E-A8D2-9327A3964491}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{A7A448FD-7548-4258-ADFA-7DC50FF474E5}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{BAC19FE1-92C3-4528-80FC-2531A23F4549}C:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe" = protocol=6 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe |
"TCP Query User{C6E4B552-E093-4BFC-9869-2C0E534FF4E0}C:\programdata\siemens\sinutrainoperate\04.04\hmi\snck\ncu01\siemens\sinumerik\snck\sncksl.exe" = protocol=6 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\snck\ncu01\siemens\sinumerik\snck\sncksl.exe |
"TCP Query User{C70BD4BD-766C-4AEE-BAA4-0C2E43229A03}C:\program files\siemens\sinutrainoperate\04.04\sinutrain.exe" = protocol=6 | dir=in | app=c:\program files\siemens\sinutrainoperate\04.04\sinutrain.exe |
"TCP Query User{D7C7FB45-CCAF-40F5-A94F-823F82A0D1A1}C:\program files\siemens\sinutrainoperate\04.04\sinutrain.exe" = protocol=6 | dir=in | app=c:\program files\siemens\sinutrainoperate\04.04\sinutrain.exe |
"UDP Query User{0ECD5BB4-1AFA-4DEF-9E64-5534A58EC384}C:\programdata\siemens\sinutrainoperate\04.04\hmi\snck\ncu01\siemens\sinumerik\snck\sncksl.exe" = protocol=17 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\snck\ncu01\siemens\sinumerik\snck\sncksl.exe |
"UDP Query User{124AC661-427E-432B-B8D1-628F9BC78FBC}C:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe" = protocol=17 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe |
"UDP Query User{3F15BE54-2C43-4FD4-BE28-E0FC8E755F7D}C:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe" = protocol=17 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe |
"UDP Query User{3F52BE4A-D48D-4933-B3FE-62D4F94D434A}C:\program files\siemens\sinutrainoperate\04.04\sinutrain.exe" = protocol=17 | dir=in | app=c:\program files\siemens\sinutrainoperate\04.04\sinutrain.exe |
"UDP Query User{60743780-0F87-4609-BC31-BA12DBEED8F9}C:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe" = protocol=17 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe |
"UDP Query User{9C460CE3-010A-4A44-850D-29F81DB0F116}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{B1DF060F-AD47-4599-94DF-E9E0907701AE}C:\program files\siemens\sinutrainoperate\04.04\sinutrain.exe" = protocol=17 | dir=in | app=c:\program files\siemens\sinutrainoperate\04.04\sinutrain.exe |
"UDP Query User{D148EB05-FCE2-4D7E-AA79-0985E43842DB}C:\programdata\siemens\sinutrainoperate\04.04\hmi\snck\ncu01\siemens\sinumerik\snck\sncksl.exe" = protocol=17 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\snck\ncu01\siemens\sinumerik\snck\sncksl.exe |
"UDP Query User{DF6AFA97-4461-4ABD-BED5-2630D248FB32}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{FEB64ABA-6015-46F2-AC45-BE6434629FC6}C:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe" = protocol=17 | dir=in | app=c:\programdata\siemens\sinutrainoperate\04.04\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{03A4C6A1-26E9-4DDB-81D9-B332E5BB10AD}" = Microsoft Sync Framework SDK v1.0 SP1 de
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{103A5E44-DD5B-46D5-AD1E-9DF2260CA023}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1570DE88-A78A-37FD-8A05-92620D160CCA}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - DEU
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{1AA5BD63-6614-44B2-88A7-605191EDB835}" = Dotfuscator Software Services - Community Edition
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2850A750-E135-4463-ABA7-80FAF1EE4671}" = Siemens Automation License Manager
"{2850A750-E135-4463-ABA7-80FAF1EE4671}LicenseManager" = Siemens Automation License Manager V5.1
"{2A231800-A7CF-4223-B8A3-1FD9057BAE96}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU
"{354038F6-0A35-4C55-A80B-F86C4C1A6D38}" = C3100
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{4135C790-0387-36D7-9C2A-1B09A5900460}" = Microsoft Visual Studio 2010 Ultimate - DEU
"{41A01180-D9FD-3428-9FD6-749F4C637CBF}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{539A0EAA-E1BB-4163-9C1E-6C8BF4A17FA2}" = Microsoft SQL Server 2008 Native Client
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{681F4E9F-34E0-36BD-BF2C-100554E403A5}" = Microsoft Visual F# 2.0 Runtime Language Pack - DEU
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BEC151D-ADA9-3EA9-9273-99BA82881971}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{803910CC-3A39-45E3-A594-0D5512A60A86}" = Microsoft Silverlight 4 SDK - Deutsch
"{827990C7-4D30-3627-A2D1-5FFA09198BB2}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{85467CBC-7A39-33C9-8940-D72D9269B84F}" = Microsoft Visual F# 2.0 Runtime
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EAA9D70-C912-3708-92DD-0CCC26F386E1}" = Microsoft Visual Studio 2010 Performance Collection Tools SP1 - DEU
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.VISIOR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPROR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PRJPROR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.VISIOR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PRJPROR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.VISIOR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2010
"{90140000-0054-0407-0000-0000000FF1CE}_Office14.VISIOR_{1FEAC070-BB09-4055-9BD0-48CF52023F92}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PRJPROR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.VISIOR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}_Office14.PRJPROR_{86D01646-1942-4253-B11F-68F5ED259B17}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{919E5477-D20B-4F64-AE8B-8199469F7817}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework
"{91F54E1D-804A-46D8-A56C-53EA9C4B3177}" = Microsoft Silverlight 3 SDK - Deutsch
"{929F5BFC-60F0-34EC-A50B-2001AAC03D56}" = Microsoft Team Foundation Server 2010 Object Model - DEU
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AEAB754A-426C-4738-89C1-52FCB389FCDF}" = calibre
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B15B400A-19ED-4CC7-B3E4-9295D8470CBE}" = Secure Download Manager
"{B3D1CFF9-C5DA-3590-894B-40821DDB67C5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49
"{BB1E119E-CF4B-4183-910E-A8C2B379F2C6}" = Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C05BC4CD-C001-37E7-939C-3392604DFBEF}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C668416A-9213-4058-B7F2-01A42D85559D}" = Microsoft SQL Server System CLR Types
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC185D10-5C0E-40C3-91F2-63314BB365AF}" = Solid Edge ST2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}" = Dotfuscator Software Services - Community Edition - DEU
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.74.216
"{D6A6CFAD-CD86-482B-90D1-6FCC4E252ACD}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) de
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}" = WCF RIA Services V1.0 SP1
"{DB0AF767-7CC7-4E4D-B6BE-A200F20A2FB1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86) de
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DF38C72B-8A86-4727-99D2-FA7CC5E17A24}" = Microsoft SQL Server 2008 RsFx Driver
"{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}" = Microsoft ASP.NET MVC 2 - DEU
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile-Gerätecenter: Treiberupdate
"{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}" = Microsoft SQL Server 2008 R2 Management Objects
"{EAF7B35C-DCBE-4032-9ABF-C35C43D07124}" = Microsoft Sync Framework Services v1.0 SP1 (x86) de
"{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"{EDC5C786-75D9-488F-803C-E8A3374FEEA9}" = SinuTrain for SINUMERIK Operate 4.4
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"7-Zip" = 7-Zip 4.65
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Assistant" = Assistant 5.05.010
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"DCoder Image Source" = DCoder Image Source (remove only)
"DirectVobSub" = DirectVobSub (remove only)
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow_is1" = ffdshow [rev 3124] [2009-11-03]
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"Free YouTube Download_is1" = Free YouTube Download version 3.1.24.412
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"HaaliMkx" = Haali Media Splitter
"HMI CAD-Reader" = HMI CAD-Reader
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU
"Microsoft Visual Studio 2010 Ultimate - DEU" = Microsoft Visual Studio 2010 Ultimate - DEU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox 7.0.1 (x86 en-GB)" = Mozilla Firefox 7.0.1 (x86 en-GB)
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.VISIOR" = Microsoft Visio Professional 2010
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"Polipo" = Polipo 1.0.4.1
"RealMedia" = RealMedia (remove only)
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"Shop for HP Supplies" = Shop for HP Supplies
"SHOUTcast Source" = SHOUTcast Source (remove only)
"SPS-VISU V4.83 " = SPS-VISU V4.83
"SPS-VISU V4.91 " = SPS-VISU V4.91
"SpywareBlaster_is1" = SpywareBlaster 4.6
"Tor" = Tor 0.2.2.35
"Vidalia" = Vidalia 0.2.15
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"WinSPS-S7 V4.56" = WinSPS-S7 V4.56
"ZoomPlayer" = Zoom Player (remove only)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 07.06.2012 14:19:00 | Computer Name = xxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.06.2012 15:11:22 | Computer Name = xxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 11.06.2012 11:43:56 | Computer Name = xxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 11.06.2012 12:07:00 | Computer Name = xxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 12.06.2012 15:03:24 | Computer Name = xxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 12.06.2012 15:09:06 | Computer Name = xxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 14.06.2012 10:49:17 | Computer Name = xxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 14.06.2012 11:11:27 | Computer Name = xxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 04.07.2012 12:12:26 | Computer Name = xxx-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_262.exe,
Version: 11.3.300.262, Zeitstempel: 0x4fe20fae Name des fehlerhaften Moduls: NPSWF32_11_3_300_262.dll,
Version: 11.3.300.262, Zeitstempel: 0x4fe21212 Ausnahmecode: 0xc0000005 Fehleroffset:
0x001d4b8f ID des fehlerhaften Prozesses: 0x12c4 Startzeit der fehlerhaften Anwendung:
0x01cd59ebb011deb0 Pfad der fehlerhaften Anwendung: C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
Berichtskennung:
0b0dcded-c5f3-11e1-806f-001f16a7ec87
Error - 21.07.2012 02:27:03 | Computer Name = xxx-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 10.1.3.23,
Zeitstempel: 0x4f7bc349 Name des fehlerhaften Moduls: AcroRd32.dll, Version: 10.1.3.23,
Zeitstempel: 0x4f7bd937 Ausnahmecode: 0xc0000094 Fehleroffset: 0x002c75ac ID des fehlerhaften
Prozesses: 0xc4 Startzeit der fehlerhaften Anwendung: 0x01cd67096066e180 Pfad der
fehlerhaften Anwendung: C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe Pfad
des fehlerhaften Moduls: C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.dll
Berichtskennung:
151a9b74-d2fd-11e1-aff3-001f16a7ec87
[ System Events ]
Error - 28.08.2012 12:06:30 | Computer Name = xxx-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 28.08.2012 12:06:31 | Computer Name = xxx-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 28.08.2012 12:06:32 | Computer Name = xxx-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 28.08.2012 12:06:33 | Computer Name = xxx-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 28.08.2012 12:06:34 | Computer Name = xxx-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 28.08.2012 12:06:35 | Computer Name = xxx-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 28.08.2012 12:06:36 | Computer Name = xxx-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 28.08.2012 12:06:37 | Computer Name = xxx-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 28.08.2012 12:06:38 | Computer Name = xxx-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 28.08.2012 12:06:39 | Computer Name = xxx-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
< End of report >
--- --- ---
[/code]
OTL:
Programme: Code:
7-Zip 4.65 17.06.2011
AC3Filter 1.63b Alexander Vigovsky 17.06.2011 1.63b
Acer Crystal Eye webcam Ver:1.1.74.216 Chicony Electronics Co.,Ltd. 05.08.2011 1.1.74.216
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 16.08.2012 6,00 MB 11.3.300.271
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 18.08.2012 6,00 MB 11.3.300.271
Adobe Reader X (10.1.3) - Deutsch Adobe Systems Incorporated 20.04.2012 121 MB 10.1.3
Assistant 5.05.010 Medion 19.06.2011 5.5.10.0
Avira Free Antivirus Avira 10.08.2012 104 MB 12.0.0.1167
Bass Audio Decoder (remove only) 17.06.2011
calibre Kovid Goyal 02.03.2012 123 MB 0.8.41
CCleaner Piriform 22.08.2012 3.22
CD Audio Reader Filter (remove only) 17.06.2011
DCoder Image Source (remove only) 17.06.2011
DirectVobSub (remove only) 17.06.2011
Dotfuscator Software Services - Community Edition PreEmptive Solutions 20.04.2012 6,45 MB 5.0.2500.0
Dotfuscator Software Services - Community Edition - DEU PreEmptive Solutions 17.02.2012 2,84 MB 5.0.2300.0
DScaler 5 Mpeg Decoders 17.06.2011
ESET Online Scanner v3 01.06.2011
ffdshow [rev 3124] [2009-11-03] 17.06.2011 1.0
FFMPEG Core Files (remove only) 17.06.2011
Free YouTube Download version 3.1.24.412 DVDVideoSoft Ltd. 21.04.2012 74,7 MB 3.1.24.412
Gabest MPEG Splitter (remove only) 17.06.2011
Haali Media Splitter 17.06.2011
HMI CAD-Reader Siemens\SINUMERIK 29.12.2011 6.2
HP Customer Participation Program 13.0 HP 04.06.2011 13.0
HP Imaging Device Functions 13.0 HP 04.06.2011 13.0
HP Photosmart All-In-One Driver Software 13.0 Rel. A HP 04.06.2011 13.0
HP Photosmart Essential 3.5 HP 04.06.2011 3.5
HP Smart Web Printing 4.51 HP 04.06.2011 4.51
HP Solution Center 13.0 HP 04.06.2011 13.0
HP Update Hewlett-Packard 08.08.2011 2,97 MB 5.002.006.003
Java(TM) 7 Update 5 Oracle 17.06.2012 99,3 MB 7.0.50
JavaFX 2.1.1 Oracle Corporation 17.06.2012 20,8 MB 2.1.1
Malwarebytes Anti-Malware Version 1.62.0.1300 Malwarebytes Corporation 23.07.2012 18,7 MB 1.62.0.1300
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 01.06.2011 38,8 MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 01.06.2011 2,93 MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 17.02.2012 51,9 MB 4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 17.02.2012 10,6 MB 4.0.30319
Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 17.02.2012 83,4 MB 4.0.30319
Microsoft ASP.NET MVC 2 Microsoft Corporation 17.02.2012 482 KB 2.0.50217.0
Microsoft ASP.NET MVC 2 - DEU Microsoft Corporation 17.02.2012 25,0 KB 2.0.50331.0
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Corporation 17.02.2012 2,25 MB 2.0.50217.0
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU Microsoft Corporation 17.02.2012 2,07 MB 2.0.50331.0
Microsoft Help Viewer 1.0 Microsoft Corporation 17.02.2012 3,97 MB 1.0.30319
Microsoft Help Viewer 1.0 Language Pack - DEU Microsoft Corporation 17.02.2012 1,95 MB 1.0.30319
Microsoft Office Enterprise 2007 Microsoft Corporation 11.03.2012 12.0.6612.1000
Microsoft Project Professional 2010 Microsoft Corporation 04.10.2011 14.0.6029.1000
Microsoft Silverlight Microsoft Corporation 11.05.2012 102 MB 5.1.10411.0
Microsoft Silverlight 3 SDK - Deutsch Microsoft Corporation 17.02.2012 32,7 MB 3.0.40818.0
Microsoft Silverlight 4 SDK - Deutsch Microsoft Corporation 20.04.2012 52,3 MB 4.0.50826.0
Microsoft SQL Server 2008 Microsoft Corporation 17.02.2012
Microsoft SQL Server 2008 Browser Microsoft Corporation 20.04.2012 8,03 MB 10.3.5500.0
Microsoft SQL Server 2008 Native Client Microsoft Corporation 20.04.2012 3,27 MB 10.3.5500.0
Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation 20.04.2012 14,4 MB 10.50.1750.9
Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst Microsoft Corporation 21.04.2012 6,79 MB 10.50.1752.9
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework Microsoft Corporation 20.04.2012 5,62 MB 10.50.1750.9
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt Microsoft Corporation 20.04.2012 14,1 MB 10.50.1750.9
Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 17.02.2012 3,69 MB 3.5.8080.0
Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft Corporation 17.02.2012 10,1 MB 10.1.2512.8
Microsoft SQL Server System CLR Types Microsoft Corporation 20.04.2012 951 KB 10.50.1750.9
Microsoft SQL Server VSS Writer Microsoft Corporation 20.04.2012 2,18 MB 10.3.5500.0
Microsoft Sync Framework Runtime v1.0 SP1 (x86) de Microsoft Corporation 17.02.2012 844 KB 1.0.3010.0
Microsoft Sync Framework SDK v1.0 SP1 de Microsoft Corporation 17.02.2012 30,0 MB 1.0.3010.0
Microsoft Sync Framework Services v1.0 SP1 (x86) de Microsoft Corporation 17.02.2012 2,06 MB 1.0.3010.0
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) de Microsoft Corporation 17.02.2012 598 KB 2.0.3010.0
Microsoft Team Foundation Server 2010-Objektmodell - DEU Microsoft Corporation 20.04.2012 10.0.40219
Microsoft Visio Professional 2010 Microsoft Corporation 04.10.2011 14.0.6029.1000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 24.01.2012 250 KB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.08.2011 300 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 01.06.2011 596 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 30.07.2011 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 18.10.2011 12,2 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Corporation 02.03.2012 15,7 MB 10.0.30319
Microsoft Visual F# 2.0 Runtime Microsoft Corporation 20.04.2012 5,84 MB 10.0.40219
Microsoft Visual F# 2.0 Runtime Language Pack - DEU Microsoft Corporation 17.02.2012 1,30 MB 10.0.30319
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Corporation 20.04.2012 35,2 MB 10.0.40219
Microsoft Visual Studio 2010 Service Pack 1 Microsoft Corporation 20.04.2012 75,9 MB 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Corporation 20.04.2012 10.0.31007
Microsoft Visual Studio 2010 Ultimate - DEU Microsoft Corporation 17.02.2012 10.0.30319
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU Microsoft Corporation 20.04.2012 10.0.31007
Microsoft Visual Studio Macro Tools Microsoft Corporation 17.02.2012 9.0.30729
Microsoft Visual Studio Macro Tools - DEU Language Pack Microsoft Corporation 17.02.2012 9.0.30729
MONOGRAM AMR Splitter/Decoder (remove only) 17.06.2011
Mozilla Firefox 14.0.1 (x86 de) Mozilla 21.07.2012 44,0 MB 14.0.1
Mozilla Firefox 7.0.1 (x86 en-GB) Mozilla 30.09.2011 32,6 MB 7.0.1
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 14.07.2011 1,27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 15.07.2011 1,33 MB 4.20.9876.0
NTI Backup Now 5 NewTech Infosystems 01.06.2011 29,3 MB 5.1.2.616
NTI Media Maker 8 NewTech Infosystems 01.06.2011 205 MB 8.0.2.6509
NVIDIA Drivers NVIDIA Corporation 01.06.2011 1.5
OCR Software by I.R.I.S. 13.0 HP 04.06.2011 13.0
OpenSource AVI Splitter (remove only) 17.06.2011
OpenSource DTS/AC3/DD+ Source Filter (remove only) 17.06.2011
OpenSource Flash Video Splitter (remove only) 17.06.2011
PDFCreator Frank Heindörfer, Philip Chinery 24.07.2012 1.4.2
Polipo 1.0.4.1 27.03.2012
RealMedia (remove only) 17.06.2011
Secunia PSI (2.0.0.3003) 08.08.2011
Secure Download Manager e-academy Inc. 15.02.2012 1,14 MB 3.0.3
Shop for HP Supplies HP 04.06.2011 13.0
SHOUTcast Source (remove only) 17.06.2011
Siemens Automation License Manager V5.1 Siemens AG 30.12.2011 05.01.0000
SinuTrain for SINUMERIK Operate 4.4 Siemens 29.12.2011 1,10 GB 04.04.00.00
Skype Click to Call Skype Technologies S.A. 03.03.2012 12,4 MB 5.9.9216
Skype™ 5.8 Skype Technologies S.A. 03.03.2012 19,0 MB 5.8.156
Solid Edge ST2 SIEMENS 01.06.2011 2,06 GB 102.00.0504
SPS-VISU V4.83 13.11.2011
SPS-VISU V4.91 12.01.2012
Spybot - Search & Destroy Safer Networking Limited 01.06.2011 1.6.2
SpywareBlaster 4.6 Javacool Software LLC 06.04.2012 6,53 MB 4.6.0
StreamTransport version: 1.0.2.2171 21.01.2012
SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49 eRightSoft 15.07.2011 42,7 MB v2011.build.49
SUPERAntiSpyware SUPERAntiSpyware.com 01.06.2011 56,8 MB 4.53.1000
Tor 0.2.2.35 27.03.2012
Unterstützungsdateien für Microsoft SQL Server 2008-Setup Microsoft Corporation 20.04.2012 30,0 MB 10.3.5500.0
Vidalia 0.2.15 27.03.2012
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 17.02.2012 11,1 MB 4.0.8080.0
WCF RIA Services V1.0 SP1 Microsoft Corporation 20.04.2012 12,3 MB 4.1.60114.0
Web Deployment Tool Microsoft Corporation 17.02.2012 4,55 MB 1.1.0618
Windows Mobile-Gerätecenter Microsoft Corporation 19.06.2011 27,4 MB 6.1.6965.0
Windows Mobile-Gerätecenter: Treiberupdate Microsoft Corporation 19.06.2011 42,4 MB 6.1.6965.0
WinRAR 4.01 (32-Bit) win.rar GmbH 01.06.2011 4.01.0
WinSPS-S7 V4.56 28.06.2011
WISO Steuer-Sparbuch 2012 Buhl Data Service GmbH 19.01.2012 19.00.7303
Zoom Player (remove only) 17.06.2011
|
