| nicoreed | 27.08.2012 13:54 |
win7 - weißer bildschirm - trojaner; OTLPE funkt nicht
hallo,
ich habe mir mitte letzter woche den hier schon mehrmals erwähnten trojaner "weißer bildschirm" bei win7 64bit eingefangen. nach diversen versuchen mit
wollte ich nach entsprechender anleitung(en) hier das problem mit otlpe lösen, habe die schritte wie hier beschrieben genau befolgt.
leider kann mein pc nicht von usb booten. von cd/dvd wäre es möglich, also habe ich mal den inhalt von C:\eeecpfr auf eine dvd gebrannt. diese ist aber jetzt nicht wirklich bootfähig.
ich war schon dabei win7 neu zu installieren, daten sind gesichtert (gottseidank hab ich dual-boot mit win xp am rechner).
ich habe jetzt allerdings noch folgendes zusammengebracht:
und zwar kann ich das system im "debug-modus" hochzufahren. hier läuft mal auf den ersten blick das wichtigste und ich habe KEINEN weißen bildschirm. momentan schreibe ich auch direkt vom win7.
der vollständigkeit halber: ich hatte dazwischen schon mal das system sogar im "normalen modus" hochfahren können ... und zwar mit dem "trick" eine cd mit auotrun eingelegt, neustart gedrückt, und dann auf "abbrechen" oder so in der art. und plötzlich ging es. hatte danach mit antiviurs von avira sogar 2 trojaner entdeckt und auch gelöscht, sowie ein paar warnungen. dachte das war's -> neustart -> gleiches problem wieder.
die devise lautet für mich jetzt also "bloß kein neustart" ;)
jetzt zu meiner frage:
welche möglichkeit hab ich, vielleicht sogar jetzt direkt aus dem momentan laufenden system das problem zu beheben.
vielen dank für eure hilfe!!!!
ok, bin schon viel weiter. eine antwort nach meinem beitrag auf einen anderen mit dem gleichen problem brachte mich zu einer funktionieren olt.exe auf meinem rechner.
kann also hier meine scan-ergebnisse einfügen:
OTL.txt: Code:
OTL logfile created on: 27.08.2012 15:54:28 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\nico\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 56,61% Memory free
8,00 Gb Paging File | 6,22 Gb Available in Paging File | 77,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 35,48 Gb Free Space | 24,22% Space Free | Partition Type: NTFS
Drive D: | 78,12 Gb Total Space | 53,50 Gb Free Space | 68,48% Space Free | Partition Type: NTFS
Drive E: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 433,53 Gb Total Space | 60,50 Gb Free Space | 13,95% Space Free | Partition Type: NTFS
Drive I: | 1,82 Gb Total Space | 1,49 Gb Free Space | 82,08% Space Free | Partition Type: FAT
Drive N: | 7,49 Gb Total Space | 5,86 Gb Free Space | 78,28% Space Free | Partition Type: FAT32
Drive O: | 298,09 Gb Total Space | 206,37 Gb Free Space | 69,23% Space Free | Partition Type: NTFS
Computer Name: STAND-PC | User Name: nico | Logged in as Administrator.
Cannot determine boot mode. | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\nico\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe ()
PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\mozjs.dll ()
MOD - C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Alcid.dll ()
MOD - C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\SPBasic.dll ()
MOD - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (emaudsv) -- C:\Windows\SysNative\emaudsv.exe (E-MU Systems)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (LBTServ) -- C:\Programme\Common Files\logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (LVPrcS64) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (NIHardwareService) -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (PS3 Media Server) -- C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe ()
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (TryAndDecideService) -- C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe ()
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO Software)
DRV:64bit: - (pwdrvio) -- C:\Windows\SysNative\pwdrvio.sys ()
DRV:64bit: - (pwdspio) -- C:\Windows\SysNative\pwdspio.sys ()
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcuxd) -- C:\Windows\SysNative\drivers\vpcuxd.sys (Microsoft Corporation)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (emusba10) -- C:\Windows\SysNative\drivers\emusba10.sys (E-MU Systems)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (RTL85n64) -- C:\Windows\SysNative\drivers\RTL85n64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (AtcL001) -- C:\Windows\SysNative\drivers\l160x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\drivers\tifsfilt.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (tdrpman) -- C:\Windows\SysNative\drivers\tdrpman.sys (Acronis)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (JGOGO) -- C:\Windows\SysNative\drivers\JGOGO.sys (JMicron )
DRV - (CdaC15BA) -- C:\Windows\SysWOW64\drivers\CdaC15BA.SYS (Macrovision Europe Ltd)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C4 9B 33 25 CC 74 CD 01 [binary data]
IE - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\..\SearchScopes,DefaultScope = {E7728C17-7F8E-4C49-9E6B-16844905ECAA}
IE - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\..\SearchScopes\{E7728C17-7F8E-4C49-9E6B-16844905ECAA}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=
IE - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://mail.google.com/mail/?account_id=nico.reed%40gmail.com#inbox"
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.1.0
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: google-wave@chad.smith:0.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.0.176.0
FF - prefs.js..extensions.enabledItems: VMwareVMRC@vmware.com:2.5.0.116460
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2897: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2955: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1675: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\nico\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\nico\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010.03.06 15:06:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011.01.30 15:44:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\components [2012.08.01 19:16:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Users\nico\AppData\Roaming\Mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\firejump@firejump.net [2012.04.10 19:17:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\components [2012.08.01 19:16:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\plugins
[2011.04.27 19:30:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nico\AppData\Roaming\mozilla\Extensions
[2011.04.27 19:30:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nico\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.08.27 14:37:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions
[2012.07.23 18:00:50 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010.03.20 10:59:25 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012.08.01 19:16:09 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2012.08.21 20:52:24 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.01.05 21:43:15 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.02.16 20:17:30 | 000,000,000 | ---D | M] (Vuze Remote) -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011.08.15 10:05:03 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\DeviceDetection@logitech.com
[2012.04.10 19:17:03 | 000,000,000 | ---D | M] (FireJump) -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\firejump@firejump.net
[2009.10.30 12:32:26 | 000,000,000 | ---D | M] (Google Wave Add-on for Firefox) -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\google-wave@chad.smith
[2012.08.27 14:37:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\staged
[2010.01.04 15:05:14 | 000,000,000 | ---D | M] (VMware Remote Console Plug-in) -- C:\Users\nico\AppData\Roaming\mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\VMwareVMRC@vmware.com
[2012.08.21 19:41:15 | 000,001,611 | ---- | M] () -- C:\Users\nico\AppData\Roaming\Mozilla\Firefox\Profiles\fuoxqe8k.default\searchplugins\tuwis-lva-suche.xml
[2009.06.09 21:51:40 | 000,002,028 | ---- | M] () -- C:\Users\nico\AppData\Roaming\Mozilla\Firefox\Profiles\fuoxqe8k.default\searchplugins\xing---powering-relationships.xml
[2011.12.10 22:18:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.10 19:39:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.24 19:46:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.07 21:22:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.05.31 18:48:55 | 000,068,465 | ---- | M] () (No name found) -- C:\USERS\NICO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FUOXQE8K.DEFAULT\EXTENSIONS\{386869F0-E3F2-11DC-95FF-0800200C9A66}.XPI
[2011.03.27 14:11:45 | 000,242,709 | ---- | M] () (No name found) -- C:\USERS\NICO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FUOXQE8K.DEFAULT\EXTENSIONS\{582195F5-92E7-40A0-A127-DB71295901D7}.XPI
[2012.08.21 19:39:11 | 000,341,151 | ---- | M] () (No name found) -- C:\USERS\NICO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FUOXQE8K.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
[2012.03.25 11:17:26 | 000,009,847 | ---- | M] () (No name found) -- C:\USERS\NICO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FUOXQE8K.DEFAULT\EXTENSIONS\INFO@CSSUPDATER.COM.XPI
[2012.04.21 18:27:29 | 000,344,888 | ---- | M] () (No name found) -- C:\USERS\NICO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FUOXQE8K.DEFAULT\EXTENSIONS\TOOLBAR@ALEXA.COM.XPI
[2012.03.18 13:02:28 | 000,011,510 | ---- | M] () (No name found) -- C:\USERS\NICO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FUOXQE8K.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2010.03.27 19:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll
[2010.09.15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
========== Chrome ==========
CHR - homepage: hxxp://www.google.at/ig?hl=de&source=iglk
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.at/ig?hl=de&source=iglk
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\nico\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\nico\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\nico\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\nico\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\nico\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
O1 HOSTS File: ([2011.01.30 14:41:50 | 000,000,791 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\nico\AppData\Roaming\Mozilla\Firefox\Profiles\fuoxqe8k.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.76.dll File not found
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MbWzdFPAP-EXL600] C:\Windows\SysWOW64\FPAP-EXL600\PdtGuide.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000..\Run: [Akamai NetSession Interface] C:\Users\nico\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000..\Run: [E-MU USB Audio Control Panel] C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe (E-MU Systems)
O4 - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000..\Run: [ONAIR] C:\Programme\ONAIR\ONAIR.exe (DJMASTER.COM)
O4 - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000..\Run: [Spotify Web Helper] C:\Users\nico\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\nico\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\nico\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\nico\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000\..Trusted Ranges: Range1 ([https] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{403DAB77-0A7D-489C-A7B0-18E7BD8064F7}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88C4AB40-434F-4A80-A451-BAC19B2729A1}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (acaptuser64.dll) - C:\Windows\SysNative\acaptuser64.dll (Adobe Systems, Inc.)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\Windows\SysWow64\acaptuser32.dll (Adobe Systems Incorporated)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-4276689660-1082581986-1976619290-1000 Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.04 16:35:53 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.07.15 21:39:51 | 000,000,122 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - Unable to obtain root file information for disk I:\
O33 - MountPoints2\{763eef36-2c6d-11e0-85ff-0022158f67e4}\Shell - "" = AutoRun
O33 - MountPoints2\{763eef36-2c6d-11e0-85ff-0022158f67e4}\Shell\AutoRun\command - "" = G:\wubi.exe --cdmenu
O33 - MountPoints2\{bba8c978-2301-11e1-b750-0022158f67e4}\Shell - "" = AutoRun
O33 - MountPoints2\{bba8c978-2301-11e1-b750-0022158f67e4}\Shell\AutoRun\command - "" = G:\DVD-WRITER.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.27 15:50:19 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\nico\Desktop\OTL.exe
[2012.08.22 15:07:50 | 000,000,000 | ---D | C] -- C:\Users\nico\AppData\Local\{52DE5A3F-CEAD-4C65-AC35-FFA5E9D9F593}
[2012.08.21 20:52:46 | 000,000,000 | ---D | C] -- C:\Users\nico\AppData\Local\{41F0A6FD-2992-4EE9-B99E-4BE288720A69}
[2012.08.20 10:22:53 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.20 10:22:52 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.20 10:22:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.20 10:22:52 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.20 10:22:51 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.20 10:22:51 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.20 10:22:51 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.20 10:22:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.20 10:22:51 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.20 10:22:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.20 10:22:50 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.20 10:22:49 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.20 10:22:49 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.20 10:19:17 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2012.08.20 10:17:54 | 000,112,096 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\acaptuser32.dll
[2012.08.20 10:13:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.20 10:13:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.20 10:13:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.20 10:13:38 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.13 20:21:26 | 000,000,000 | ---D | C] -- C:\Users\nico\AppData\Local\{F6C21EF0-2A36-4606-B84D-B932354F070E}
[2012.08.13 20:21:03 | 000,000,000 | ---D | C] -- C:\Users\nico\AppData\Local\{FFCEAB4B-353A-4D78-8141-6DE489791A0B}
[2012.08.13 19:50:13 | 000,000,000 | ---D | C] -- C:\Users\nico\Desktop\hochzeits_lieder
[2012.08.06 17:51:39 | 000,000,000 | ---D | C] -- C:\Users\nico\AppData\Local\{86310FAB-DE4F-4963-88B7-D93682063745}
[2012.08.06 17:51:17 | 000,000,000 | ---D | C] -- C:\Users\nico\AppData\Local\{23A2C986-8E0B-43B1-8F02-331428AD5898}
[2011.09.04 13:51:40 | 000,082,048 | ---- | C] (VSO Software) -- C:\Users\nico\AppData\Roaming\pcouffin.sys
[2009.10.27 11:22:46 | 001,499,136 | ---- | C] (CPUID) -- C:\Program Files (x86)\cpuz.exe
[1 C:\Users\nico\Documents\*.tmp files -> C:\Users\nico\Documents\*.tmp -> ]
[1 C:\Users\nico\Desktop\*.tmp files -> C:\Users\nico\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.08.27 15:56:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.27 15:56:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4276689660-1082581986-1976619290-1000UA.job
[2012.08.27 15:50:20 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\nico\Desktop\OTL.exe
[2012.08.27 15:42:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.27 15:31:36 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.27 15:31:36 | 000,645,502 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.27 15:31:36 | 000,607,530 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.27 15:31:36 | 000,126,822 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.27 15:31:36 | 000,103,908 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.27 14:34:55 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.27 14:34:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.27 14:33:56 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.27 14:32:11 | 000,000,045 | ---- | M] () -- C:\Users\nico\AppData\Roaming\msconfig.ini
[2012.08.27 13:30:20 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012.08.27 13:30:20 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012.08.27 13:29:03 | 000,006,952 | ---- | M] () -- C:\Users\nico\Desktop\Windows-Kompatibilitätsbericht.htm
[2012.08.27 13:16:05 | 000,019,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.27 13:16:04 | 000,019,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.21 21:56:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4276689660-1082581986-1976619290-1000Core1cab8a345bc00be.job
[2012.08.21 19:38:01 | 005,021,128 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.20 11:42:24 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.20 11:42:24 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.14 13:14:41 | 002,233,344 | ---- | M] () -- C:\Users\nico\Documents\hochzeitssirupholler.zdl
[2012.08.14 13:12:28 | 000,000,055 | -H-- | M] () -- C:\Users\nico\Documents\clipart.zdx
[2012.08.14 12:34:31 | 002,332,160 | ---- | M] () -- C:\Users\nico\Documents\hochzeitssirupmelisse.zdl
[2012.08.06 17:54:45 | 000,055,846 | ---- | M] () -- C:\Users\nico\Documents\FRUEHM.pdf
[2012.07.30 15:53:24 | 000,112,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\acaptuser32.dll
[1 C:\Users\nico\Documents\*.tmp files -> C:\Users\nico\Documents\*.tmp -> ]
[1 C:\Users\nico\Desktop\*.tmp files -> C:\Users\nico\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.08.27 13:29:03 | 000,006,952 | ---- | C] () -- C:\Users\nico\Desktop\Windows-Kompatibilitätsbericht.htm
[2012.08.22 15:55:09 | 000,000,045 | ---- | C] () -- C:\Users\nico\AppData\Roaming\msconfig.ini
[2012.08.14 13:13:21 | 002,233,344 | ---- | C] () -- C:\Users\nico\Documents\hochzeitssirupholler.zdl
[2012.08.14 12:18:24 | 002,332,160 | ---- | C] () -- C:\Users\nico\Documents\hochzeitssirupmelisse.zdl
[2012.08.06 17:54:44 | 000,055,846 | ---- | C] () -- C:\Users\nico\Documents\FRUEHM.pdf
[2012.05.18 10:33:00 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\np_plugin.dll
[2012.04.10 19:17:00 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.01.07 16:40:42 | 000,888,559 | ---- | C] () -- C:\Users\nico\sax-grifftabelle.pdf
[2012.01.06 12:40:22 | 001,027,330 | ---- | C] () -- C:\Users\nico\STRDE345.pdf
[2011.12.18 21:20:33 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2011.12.18 21:20:33 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2011.12.13 21:18:49 | 000,023,427 | ---- | C] () -- C:\Users\nico\.recently-used.xbel
[2011.12.10 20:26:22 | 000,000,132 | ---- | C] () -- C:\Users\nico\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.12.10 20:00:24 | 000,001,456 | ---- | C] () -- C:\Users\nico\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011.12.10 19:59:49 | 000,000,132 | ---- | C] () -- C:\Users\nico\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2011.09.16 12:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.09.16 12:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.09.16 12:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.09.16 12:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.09.04 13:52:32 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\systeminfo3.dll
[2011.09.04 13:51:40 | 000,093,696 | ---- | C] () -- C:\Users\nico\AppData\Roaming\ezpinst.exe
[2011.09.04 13:51:40 | 000,007,176 | ---- | C] () -- C:\Users\nico\AppData\Roaming\pcouffin.cat
[2011.09.04 13:51:40 | 000,001,167 | ---- | C] () -- C:\Users\nico\AppData\Roaming\pcouffin.inf
[2011.05.31 20:06:29 | 000,000,017 | ---- | C] () -- C:\Users\nico\AppData\Local\resmon.resmoncfg
[2011.02.19 20:44:42 | 003,789,522 | ---- | C] () -- C:\Users\nico\percussion-stomp.jpg
[2011.02.19 20:43:28 | 008,024,649 | ---- | C] () -- C:\Users\nico\stomp.m4a
[2010.12.05 16:38:28 | 000,004,608 | ---- | C] () -- C:\Users\nico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.16 20:19:06 | 000,000,760 | ---- | C] () -- C:\Users\nico\AppData\Roaming\setup_ldm.iss
[2010.09.19 23:53:46 | 000,001,363 | ---- | C] () -- C:\Windows\emasio.dat
[2010.03.20 12:07:04 | 001,905,111 | ---- | C] () -- C:\Users\nico\nuvi855_DEBenutzerhandbuch.pdf
[2010.03.07 22:26:58 | 000,063,722 | ---- | C] () -- C:\Users\nico\AppData\Roaming\mdbu.bin
[2010.03.06 20:34:18 | 000,042,093 | ---- | C] () -- C:\Users\nico\Dienstvertrag Nicolas Fedrigotti.pdf
[2010.01.07 19:55:38 | 000,011,230 | ---- | C] () -- C:\Users\nico\gsview64.ini
[2009.11.01 19:06:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.06.01 13:27:00 | 000,070,077 | ---- | C] () -- C:\Users\nico\schnellbahn-wien.kmz
[2009.04.22 10:16:45 | 000,007,484 | ---- | C] () -- C:\Users\nico\sample2e.dvi
[2009.04.22 10:16:45 | 000,000,159 | ---- | C] () -- C:\Users\nico\sample2e.aux
[2009.04.22 10:11:05 | 000,000,097 | ---- | C] () -- C:\Users\nico\psv.ini
[2009.04.17 16:27:35 | 000,011,502 | ---- | C] () -- C:\Users\nico\huv.JPG
[2009.04.17 16:27:18 | 000,012,665 | ---- | C] () -- C:\Users\nico\bugspoiler.JPG
[2009.01.12 12:19:41 | 000,000,107 | ---- | C] () -- C:\Users\nico\AppData\Roaming\default.pls
[2008.12.21 15:29:37 | 000,001,024 | ---- | C] () -- C:\Users\nico\.rnd
[2008.12.07 14:00:34 | 000,000,600 | ---- | C] () -- C:\Users\nico\AppData\Roaming\winscp.rnd
========== LOP Check ==========
[2009.10.30 12:32:17 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Acronis
[2011.02.10 18:20:40 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\at.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2011.12.10 17:43:06 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Avery
[2012.07.27 09:49:42 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Azureus
[2009.10.30 12:32:18 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Bullzip
[2010.09.20 14:29:37 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009.10.30 12:32:18 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\DAEMON Tools
[2012.06.02 20:38:24 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\DesktopIconForAmazon
[2012.08.27 14:31:43 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Dropbox
[2011.01.05 21:43:15 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.09.15 11:18:39 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\foobar2000
[2011.09.14 22:49:39 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\FreeAudioPack
[2010.03.20 12:19:22 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\GARMIN
[2011.12.13 21:18:49 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\gtk-2.0
[2011.05.15 19:45:31 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\HappyFoto
[2009.10.30 12:32:18 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Leadertech
[2010.05.13 14:58:32 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Nokia
[2012.03.31 21:04:14 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Notepad++
[2011.09.03 10:29:18 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\PACE Anti-Piracy
[2010.05.13 14:58:39 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\PC Suite
[2012.04.28 22:47:57 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\PMS
[2011.11.05 17:05:04 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Samsung
[2012.08.21 21:03:35 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Spotify
[2011.05.16 20:42:49 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Steinberg
[2011.04.27 19:30:29 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\TomTom
[2012.03.25 21:39:46 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\uTorrent
[2011.09.04 13:52:25 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\Vso
[2011.05.16 20:49:52 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\vstsaxi
[2012.05.11 14:57:03 | 000,000,000 | ---D | M] -- C:\Users\nico\AppData\Roaming\webex
[2012.06.15 09:30:17 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 1266 bytes -> C:\Users\nico\AppData\Local\Temp:X0JE7R40eSJvamrL1AFsykBGYjSw
< End of report >
extras.txt: Code:
OTL Extras logfile created on: 27.08.2012 15:54:28 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\nico\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 56,61% Memory free
8,00 Gb Paging File | 6,22 Gb Available in Paging File | 77,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 35,48 Gb Free Space | 24,22% Space Free | Partition Type: NTFS
Drive D: | 78,12 Gb Total Space | 53,50 Gb Free Space | 68,48% Space Free | Partition Type: NTFS
Drive E: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 433,53 Gb Total Space | 60,50 Gb Free Space | 13,95% Space Free | Partition Type: NTFS
Drive I: | 1,82 Gb Total Space | 1,49 Gb Free Space | 82,08% Space Free | Partition Type: FAT
Drive N: | 7,49 Gb Total Space | 5,86 Gb Free Space | 78,28% Space Free | Partition Type: FAT32
Drive O: | 298,09 Gb Total Space | 206,37 Gb Free Space | 69,23% Space Free | Partition Type: NTFS
Computer Name: STAND-PC | User Name: nico | Logged in as Administrator.
Cannot determine boot mode. | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4276689660-1082581986-1976619290-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D81417-47CC-480F-B491-FBE8CB580854}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{08F09759-6B68-4B1A-8D9A-85C3A426BD84}" = rport=445 | protocol=6 | dir=out | app=system |
"{2168C7E9-A4D2-4C13-98FE-C9D342760C4C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{23E435E3-F640-4326-B7AA-BEDD9261A7D1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2E174485-4A6C-4FD0-8FC1-AAE8C0EB740E}" = lport=137 | protocol=17 | dir=in | app=system |
"{2EF4B26A-19C5-4D8E-8071-8CF6A4223F3C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{34E562EE-DDF3-4A01-AE6A-D0DE84ACDA17}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{37C64DD5-4AD3-4A44-918A-2F72ECB24BEA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BCBDDD0-1AA3-4B17-81DC-99BAAC1EBF67}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3D69947E-757A-4F90-BFE8-C8F746F1D2EF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{43B2C2FC-A502-4A3D-A467-CD058B42800F}" = rport=139 | protocol=6 | dir=out | app=system |
"{4673C741-5621-4A78-991D-D1EC16E47272}" = lport=445 | protocol=6 | dir=in | app=system |
"{4C765B94-48A7-4F45-ACBE-3146E6258291}" = lport=49159 | protocol=6 | dir=in | name=akamai netsession interface |
"{5F225D5D-6ECD-4CBD-AA76-9744F8E9FE3D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6BE2BE7A-4DE6-4C3A-ADA7-266A8F834FF5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6F6F362A-8D88-437A-94B7-69F7A06DB2B3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{746A8649-9833-4529-9874-B179D3D0F5A2}" = rport=138 | protocol=17 | dir=out | app=system |
"{9287D57D-AEA7-42A7-998B-BDE6B6776695}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ACEF2B91-CB6F-47E0-BBD3-18C67740F4F0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AD355030-ACF8-49CC-AABC-F5307D40CA51}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B7FF02AF-69D8-44DB-8552-148728A598F5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C31A593B-89B4-4C23-BA74-DD39D6B9C1DD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C533561E-718A-4833-B312-D98A4A307BE5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CCEF3E8B-8801-49B1-ACAC-A17374DA8ECA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CE5126C0-38CB-4E0F-9E7D-99A089FED5EE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D27F4C4F-5E51-42A7-BFB3-E02E57533A4E}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3E8CA00-B8F7-402F-A7CF-9F1982B1F7C6}" = lport=139 | protocol=6 | dir=in | app=system |
"{F65EC882-0836-44AF-BD39-E28EDD9EC19A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F8F8B60F-E6F3-489B-A1F7-13B0BCA8CBC3}" = lport=138 | protocol=17 | dir=in | app=system |
"{FAD3ED5E-F8AA-4FA6-9FEE-5740D1EAD2FC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F14162-EB97-474A-97EF-12470F20D367}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{04687849-D085-4EA2-8850-51680A77F3DE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1BA7C8C6-DBFE-4F14-9C38-542D8F8BA001}" = protocol=17 | dir=in | app=c:\users\nico\appdata\local\akamai\netsession_win.exe |
"{269CFDFF-FEC1-44B8-8EC2-1C81AF17D30E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2E9DE98A-9C04-4739-B7A3-1F9C3B97B1CE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{30881CB2-D719-4268-851B-DB6C0ABEB380}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{3567338D-712B-490A-B87F-B37F57F84AD0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{3B101DC4-75C6-4B7E-AD9D-3C5ABE83AF19}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{3BE650D7-6480-4F3E-91DE-057394AAB302}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3C6DC02B-91A3-4527-AE97-C9EE3DC0F397}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3F1292A3-2821-4E83-9123-94124198D762}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{3F2412F3-2CC6-49D5-BA44-613D097F90FB}" = protocol=6 | dir=out | app=system |
"{444B3D75-D264-49CD-98C6-EA307C2D0052}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{4C086487-BFB7-4CCD-988E-26C2F3A3337F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5048EB77-4613-45E2-A8DA-268EDD9A0546}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{54FD559D-3BE4-42A2-956C-5B5DC77BA566}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5808B63B-D1D0-4C03-9A1B-738D241B72CD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5808D050-9B55-4BF8-B9E8-83FA42AAAD7D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5C7E68CC-8CD5-4260-B9A6-236AC4A65030}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{5EE88779-8FEB-4808-BC30-9EC05A91FF3B}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{618394D8-9364-40B9-BFFE-BE978A06F50B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{62616F5C-7623-41FD-BDF1-9C1CCBDE945A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6596666A-77DD-4D47-BEA1-06921A8A1FCD}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{68066C8F-0C59-4937-9828-A436C838D09D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6B0A88D6-771D-4B3D-BD27-2815B9528B25}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6D1A7774-845D-4CAE-AADE-EF79103100D1}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{6DF00C14-5A6C-42C5-982C-C7EC945AAEB4}" = protocol=17 | dir=in | app=c:\program files (x86)\telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{6F614A05-2E04-459F-9E14-1384DDFD4279}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77CFA8FD-1BFC-4B30-934C-350F0D3ECE41}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{79A08219-7863-4316-BEDB-46C6096B7954}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7B449407-E423-4612-839B-326571B6E12C}" = protocol=6 | dir=in | app=c:\program files (x86)\telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{7B5724C1-4E2A-4525-88A3-0659C9FADA77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{81E06DE1-E2A9-4DC5-8702-FC82DBA7D412}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{843F97C9-54D4-4655-8B4B-317C4A8BAE31}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{88B5A742-0951-46F1-A954-7B04106232E3}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8933FB76-3ACD-477E-B219-A6E93A41946E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8B9C3517-9821-4775-9B4A-1303F91C40C2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{8BF1560E-747A-4797-BE88-ACD6E98556C4}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{9381631B-1FA1-4E58-855B-E32AC14FA30C}" = protocol=17 | dir=in | app=f:\games\call of duty - world at war\codwawmp.exe |
"{9398C9DD-0E9A-4EF7-B5C1-97CA1ABCCA0A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{94FFCFE4-0E25-483C-BB73-270BD4730329}" = protocol=6 | dir=in | app=f:\games\call of duty - world at war\codwawmp.exe |
"{9B0A3CC8-5C8B-4A6C-8D59-7ABA8378E6E0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9D5B158C-F667-4679-9466-7D53C0AC13F1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A2A99A52-F10F-4412-8F0F-12DEB602CDF3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A2B88376-03FE-41BA-9E74-90A3FCE08470}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A6F473BB-2238-4DE4-A203-EA8F67395D6C}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{AC75DC21-886F-45B5-937C-187773A030B3}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{B74CDFD0-E9B2-43E7-92A8-F894BD84E2AE}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BA2575A4-79C7-4D4A-9675-134FB5B0A12D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BBB5D70D-8266-4CCD-8094-59EEDA87A806}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C5781588-55EB-42E9-996A-08F820ED295A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C68BCFF4-51C5-42CA-8895-DCC51DF40FDC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C74826E1-E7DA-4864-95A0-D96069ACD031}" = protocol=17 | dir=in | app=c:\users\nico\appdata\roaming\dropbox\bin\dropbox.exe |
"{CBBA31F3-AC31-41BF-B64A-45D635011FFE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{CD7FF919-BBCE-41F1-9751-DBF6CEBE1895}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{D05E8692-6BC7-425C-9E47-6BADBFCAC1A9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D20CE530-98DD-4951-944F-FC2151864092}" = protocol=6 | dir=in | app=c:\users\nico\appdata\local\akamai\netsession_win.exe |
"{D576B10F-E4F0-4C3F-A23F-96764D36F060}" = protocol=17 | dir=in | app=f:\games\call of duty - world at war\codwaw.exe |
"{D98B9087-C49A-4AE8-ABB9-591251BC544A}" = protocol=6 | dir=in | app=f:\games\call of duty - world at war\codwaw.exe |
"{DBE465E0-C290-4A64-831E-0383ABBFACD1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DC488800-05F0-4331-BC30-74AD210F94C6}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{DF3165A7-6B69-4CD7-8E29-571D7191836A}" = protocol=6 | dir=in | app=c:\users\nico\appdata\roaming\dropbox\bin\dropbox.exe |
"{E1452085-21C9-4AA6-9913-90BFFFAC98D1}" = protocol=6 | dir=in | app=c:\program files (x86)\telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{E2A12707-CEEF-4856-B56C-DFF8197E274F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E9CD99F4-A59D-464A-8E10-4CFB9FC21A52}" = protocol=17 | dir=in | app=c:\program files (x86)\telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{F4AF898D-D83C-4B64-A32C-29E21B63ED40}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{143F3253-DAC4-4A84-90ED-58FBB01C38FE}C:\users\nico\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\nico\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{15E20C75-5183-4236-8710-12F9C386FBF8}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{23605376-C177-4FD5-A5D1-F88CCF782C02}C:\users\nico\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\nico\appdata\roaming\spotify\spotify.exe |
"TCP Query User{687EF463-B86B-4E52-BA6D-37EFC9A95DBB}F:\games\motogp 2007\motogp.exe" = protocol=6 | dir=in | app=f:\games\motogp 2007\motogp.exe |
"TCP Query User{6BB7E3CE-5706-4774-B0F7-18ADE251BBDC}F:\games\deadspace\dead space.exe" = protocol=6 | dir=in | app=f:\games\deadspace\dead space.exe |
"TCP Query User{6D8A7A29-E2E3-4959-8226-6644417EA6BB}C:\program files (x86)\logitech\logitech vid\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"TCP Query User{7B5EE8AA-0A29-4119-8437-099CF177A33E}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{84A6BC78-10E6-47C3-BFAC-699D01F58693}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{8744EF8E-0903-438F-B38A-3DA385426F93}F:\deadspace\dead space.exe" = protocol=6 | dir=in | app=f:\deadspace\dead space.exe |
"TCP Query User{A1842B3D-EEDF-4947-B4DB-18D2C7B6EBFE}C:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe |
"TCP Query User{BD676508-BDD8-475F-AA94-08E22F9B820B}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{D1D383C3-5E91-420D-8FD9-20C56848F24B}C:\users\nico\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\nico\appdata\local\akamai\netsession_win.exe |
"TCP Query User{D79B3B28-61F2-4D38-8BC5-284CE00FF305}C:\program files (x86)\last.fm\lastfm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\last.fm\lastfm.exe |
"TCP Query User{DFD18453-ABC0-45F3-B17C-3DB24D8D4140}C:\program files (x86)\vortex software\growl for windows\growl.windowsclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vortex software\growl for windows\growl.windowsclient.exe |
"TCP Query User{E7802569-91CE-4081-801B-42BF36E73D4D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{091CD2DD-2163-43D5-88A0-2F08E95578F7}C:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe |
"UDP Query User{127542F7-D610-402B-AE5E-F1AA5C3BBAC1}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{182B8228-4160-4653-B60A-EFDB76E1F966}C:\users\nico\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\nico\appdata\roaming\spotify\spotify.exe |
"UDP Query User{276FF70E-55F7-44B2-A428-775991A2AEE4}C:\program files (x86)\vortex software\growl for windows\growl.windowsclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vortex software\growl for windows\growl.windowsclient.exe |
"UDP Query User{793CFFC6-C168-48F0-AF6F-573DC852BD2F}C:\program files (x86)\last.fm\lastfm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\last.fm\lastfm.exe |
"UDP Query User{80A6E03B-4E00-4AE7-A515-DC24F9A61BB4}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{8F076158-9AE2-4F24-9CFE-1A5C5F59E327}F:\games\motogp 2007\motogp.exe" = protocol=17 | dir=in | app=f:\games\motogp 2007\motogp.exe |
"UDP Query User{95E123F2-FB27-4F17-BFDD-40C75EA24CB2}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{9A280B9E-26D4-455E-A32D-149227FD30B7}C:\users\nico\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\nico\appdata\local\akamai\netsession_win.exe |
"UDP Query User{A17C0414-5855-45B7-8EB0-451B2CF14440}F:\games\deadspace\dead space.exe" = protocol=17 | dir=in | app=f:\games\deadspace\dead space.exe |
"UDP Query User{B2053C73-4206-4911-ACBE-5760EE515BDD}C:\program files (x86)\logitech\logitech vid\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"UDP Query User{B4F74675-ABC2-4229-A369-0115A14C245A}C:\users\nico\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\nico\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{C4A695FA-5F3B-43DF-9DAD-2819EC2FD813}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{CD3C83D5-DD99-46FF-A76A-1DEF657C54BC}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{DC61FE53-B590-4FEF-A228-3338D2844B40}F:\deadspace\dead space.exe" = protocol=17 | dir=in | app=f:\deadspace\dead space.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C8E38DC-AD7F-3EE3-01A8-EDCD37B8646F}" = ccc-utility64
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments GuitarRig Mobile IO Driver
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Session IO Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{9FF59B5F-16F3-15B2-2474-AB2376D7329D}" = ATI Catalyst Install Manager
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AC76BA86-1033-0000-0064-0003D0000004}" = Adobe Acrobat 9 Pro Extended 64-bit Add-On
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver
"{C25215FC-5900-48B0-B93C-8D3379027312}" = PASW Statistics 18
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1EF69B7-7A97-40FC-9AF1-6D6656FF874F}" = ATI AVIVO64 Codecs
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 6.0.0.702
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"ONAIR_is1" = ONAIR 4.0.0.834
"sp6" = Logitech SetPoint 6.20
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07731480-9925-4E0B-180A-79DABFE1C5F6}" = CCC Help English
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E35BFAF-A40C-CF70-5F80-C9820E054FA7}" = Catalyst Control Center HydraVision Full
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13105BEE-D0F3-E613-BF57-568AD866D42C}" = Catalyst Control Center Graphics Previews Common
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C99893D-BC98-4456-AA3E-B67AB42301A6}" = E-MU USB Audio
"{1ED31028-6D65-4CFD-AD03-8E484A052FE7}" = aonUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Ethernet Utility
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216EAAD9-D733-4141-BEAF-2C0B6F6B1D04}" = AmpliTube LE
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{335180B3-94EA-1525-6171-EFAD9024D909}" = Catalyst Control Center Localization German
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A29E75C-A8DE-49B4-9AF3-2266CE76C428}" = Sun ODF Plugin for Microsoft Office 1.2
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{633A06C3-B709-479A-AAB3-5EE94AD9EE4B}" = Acronis*True*Image*Home
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6E19F210-3813-4002-B561-94D66AA182B6}" = Attansic L1 Gigabit Ethernet Driver
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E02E0E7-1D63-9437-142C-144B5C4367D3}" = Catalyst Control Center Graphics Light
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90510407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{90EC11E4-854E-4C0F-9B4C-76D6C7CF7C68}" = Linksys WUSB600N Dual-Band Wireless-N USB Network Adapter
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9623CC51-112F-DD12-0CBB-7239752F0D08}" = Skins
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}" = Adobe Illustrator CS5
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D0682C2-32F1-9073-02BA-AE05DFF2E934}" = ccc-core-static
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}_952" = Adobe Acrobat 9.5.2 - CPSID_83708
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{B1836D00-BA15-DC8F-C428-171B9B870851}" = HydraVision
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{C149BA55-8DD8-7A84-CB7E-129A928B7CBE}" = Catalyst Control Center InstallProxy
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1DF4A53-B841-C83F-8F3F-2B61D200E614}" = Catalyst Control Center Graphics Full New
"{D22F5242-773E-4270-AB1F-492021BCABBE}" = Garmin City Navigator Europe NT 2010.31 Update
"{D2F28E39-9813-41D3-8EC9-BAADA38C426D}" = VMware Remote Console Plug-in
"{D3F43601-7ED5-1D9F-2C6A-4B4805F24548}" = CCC Help German
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8 Ultra Edition HD
"{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1" = FireJump
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE59B901-18EA-4CB9-ADE4-291BF5C1E12E}_is1" = MiniTool Partition Wizard Home Edition 7.0
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EC14BD52-73EB-E17A-26F3-E8CA419A437C}" = Catalyst Control Center Graphics Previews Vista
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F02C931A-24C7-9255-D300-37DB83BBCDD1}" = Catalyst Control Center Graphics Full Existing
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20A984B-9B30-4A9E-A3AC-918AF0D85A48}" = Snagit 9.1.1
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9A90D58-F71B-55B9-30A5-ECD21BBE5C61}" = Catalyst Control Center Core Implementation
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FBB02B04-C034-4382-A3F6-57416E2752C4}" = Adobe Creative Suite 5 Master Collection
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"7-Zip" = 7-Zip 4.65
"8461-7759-5462-8226" = Vuze
"8781-9705-0578-2960" = Medienmanager 1.3.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface Service
"aonUpdate" = aonUpdate
"ArgoUML" = ArgoUML 0.26.2
"AudioConverter Studio_is1" = AudioConverter Studio 6.1
"Avira AntiVir Desktop" = Avira Free Antivirus
"CanonMyPrinter" = Canon My Printer
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Finale 2007" = Finale 2007
"foobar2000" = foobar2000 v0.9.6.2
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8.13.804
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"Google Updater" = Google Updater
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.63
"InstallShield_{90EC11E4-854E-4C0F-9B4C-76D6C7CF7C68}" = Linksys Dual-Band Wireless-N USB Network Adapter
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"MainApp.exe_is1" = CloneDVD 4.1.0.23
"MiKTeX 2.7" = MiKTeX 2.7
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyFreeCodec" = MyFreeCodec
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments GuitarRig Mobile IO Driver" = Native Instruments GuitarRig Mobile IO Driver
"Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Session IO Driver" = Native Instruments Session IO Driver
"Notepad++" = Notepad++
"Photo Resize Magic" = Photo Resize Magic 1.0
"RealPlayer 6.0" = RealPlayer
"Steinberg Cubase LE" = Steinberg Cubase LE
"SUPER ©" = SUPER © Version 2008.bld.30 (Mar 22, 2008)
"TomTom HOME" = TomTom HOME 2.8.1.2218
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.6
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WinGimp-2.0_is1" = GIMP 2.4.2
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.0.2
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.1.8
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4276689660-1082581986-1976619290-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ActiveTouchMeetingClient" = Cisco WebEx Meetings
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Spotify" = Spotify
"TeXLive" = TeXLive 2008
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 20.08.2012 06:08:31 | Computer Name = stand-pc | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 21.08.2012 15:55:23 | Computer Name = stand-pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385,
Zeitstempel: 0x4a5bd018 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004e4b4
ID
des fehlerhaften Prozesses: 0x844 Startzeit der fehlerhaften Anwendung: 0x01cd7fd6e598f6e3
Pfad
der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmprph.exe Pfad
des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 246e3744-ebca-11e1-9e1b-0022158f67e4
Error - 21.08.2012 17:08:34 | Computer Name = stand-pc | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 21.08.2012 17:08:36 | Computer Name = stand-pc | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 21.08.2012 17:08:36 | Computer Name = stand-pc | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 22.08.2012 11:44:10 | Computer Name = stand-pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NMIndexStoreSvr.exe, Version: 3.3.8.0,
Zeitstempel: 0x4860cce5 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000100 ID des fehlerhaften
Prozesses: 0x910 Startzeit der fehlerhaften Anwendung: 0x01cd807cbe2bea4c Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 365e8a29-ec70-11e1-b454-0022158f67e4
Error - 22.08.2012 11:49:31 | Computer Name = stand-pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NMIndexStoreSvr.exe, Version: 3.3.8.0,
Zeitstempel: 0x4860cce5 Name des fehlerhaften Moduls: NMIndexStoreSvr.exe, Version:
3.3.8.0, Zeitstempel: 0x4860cce5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000b29e7
ID
des fehlerhaften Prozesses: 0xa10 Startzeit der fehlerhaften Anwendung: 0x01cd807d8fc38ed8
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
Berichtskennung:
f63d2feb-ec70-11e1-aa89-0022158f67e4
Error - 27.08.2012 08:36:29 | Computer Name = stand-pc | Source = Software Protection Platform Service | ID = 1001
Description = Fehler beim Starten des Softwareschutzdiensts. 0x80070002 6.1.7601.17514
Error - 27.08.2012 08:37:55 | Computer Name = stand-pc | Source = Software Protection Platform Service | ID = 1001
Description = Fehler beim Starten des Softwareschutzdiensts. 0x80070002 6.1.7601.17514
Error - 27.08.2012 09:53:50 | Computer Name = stand-pc | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.59.1 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10a8 Startzeit:
01cd845afe0fff73 Endzeit: 0 Anwendungspfad: C:\Users\nico\Desktop\OTL.exe Berichts-ID:
[ System Events ]
Error - 27.08.2012 08:35:16 | Computer Name = stand-pc | Source = WMPNetworkSvc | ID = 866291
Description =
Error - 27.08.2012 08:35:16 | Computer Name = stand-pc | Source = WMPNetworkSvc | ID = 866316
Description =
Error - 27.08.2012 08:35:16 | Computer Name = stand-pc | Source = PNRPSvc | ID = 102
Description =
Error - 27.08.2012 08:35:16 | Computer Name = stand-pc | Source = PNRPSvc | ID = 102
Description =
Error - 27.08.2012 08:35:16 | Computer Name = stand-pc | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 27.08.2012 08:35:16 | Computer Name = stand-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 27.08.2012 08:35:16 | Computer Name = stand-pc | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 27.08.2012 08:35:16 | Computer Name = stand-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 27.08.2012 08:36:29 | Computer Name = stand-pc | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Software Protection" wurde mit folgendem Fehler beendet:
%%2
Error - 27.08.2012 08:37:55 | Computer Name = stand-pc | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Software Protection" wurde mit folgendem Fehler beendet:
%%2
< End of report >
wie geht's jetzt weiter?
danke |
