| benkei80 | 04.12.2012 23:20 |
Hallo, danke für deine Hilfe.
Der Bildschirm wird komplett schwarz, dann grün, dann blau und dann rot. Evtl. in einer anderen Reihenfolge.
Dannach kommt ein Bluescreen, mit einem Haufen von Text.
Wenn es nötig ist provoziere ich einen Absturz und mache ein Foto.
Bei den Popups handelt es sich meisten um irgendwelche Seiten bei denen man ganz schnell viel Geld verdienen kann. Wenn man das Fenster schliessen will, fragt der Browser ob man die Seite wirklich verlassen will.
Das finde ich schon immer bescheiden, dort etwas anzuklicken, aber sonst kann man den Popup nur über den Taskmanager schliessen, was auf Dauer nervt.
Auf der Seite kann man kostenlose 3D Modelle herunterladen, die ich für mein Studium benötige.
Schritt 1.
Otl Scan Teil 1:
OTL Logfile: Code:
OTL logfile created on: 04.12.2012 23:03:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Siebi\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,90 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 72,92% Memory free
7,80 Gb Paging File | 6,64 Gb Available in Paging File | 85,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 6,69 Gb Free Space | 11,99% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 36,89 Gb Free Space | 12,38% Space Free | Partition Type: NTFS
Drive E: | 246,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 465,76 Gb Total Space | 338,20 Gb Free Space | 72,61% Space Free | Partition Type: NTFS
Computer Name: SIEBI-LAPPI | User Name: Siebi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012.12.04 23:01:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Siebi\Downloads\OTL.exe
PRC - [2012.11.25 23:26:16 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
PRC - [2012.08.10 17:59:52 | 004,440,896 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Siebi\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.07.23 16:32:20 | 001,632,216 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
PRC - [2011.09.15 05:19:54 | 000,086,016 | ---- | M] () -- D:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe
PRC - [2010.11.20 13:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2010.10.25 14:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009.06.04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008.07.29 18:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
========== Modules (No Company Name) ==========
MOD - [2012.05.30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.10.25 14:15:46 | 000,019,968 | ---- | M] () -- D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.DEU
MOD - [2008.07.29 18:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
========== Services (SafeList) ==========
SRV:64bit: - [2009.07.16 14:59:56 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007.02.12 15:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2012.09.07 22:21:32 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV - [2012.01.31 02:10:36 | 000,339,776 | ---- | M] ( ) [Auto | Running] -- D:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe -- (mitsijm2013)
SRV - [2011.09.15 05:19:54 | 000,086,016 | ---- | M] () [Auto | Running] -- D:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe -- (mi-raysat_3dsmax2013_64)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.08.02 10:41:27 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.07.31 20:50:49 | 000,029,184 | ---- | M] (Egistec) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor)
DRV:64bit: - [2012.05.11 06:20:10 | 000,020,048 | ---- | M] (Iomega Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vNICdrv.sys -- (vNICdrv)
DRV:64bit: - [2012.04.25 11:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2010.11.20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.09.15 18:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009.07.16 15:32:38 | 006,096,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.16 15:32:38 | 006,096,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2009.07.16 14:10:08 | 000,135,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009.07.16 13:54:52 | 007,342,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2009.07.16 13:54:52 | 007,342,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009.06.10 21:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 17:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.05.22 07:32:52 | 000,311,424 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerAF15.sys -- (AVerAF15)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.07 16:57:00 | 000,069,152 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)
DRV:64bit: - [2009.05.07 16:47:00 | 000,048,800 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdgx64.sys -- (O2SDGRDR)
DRV:64bit: - [2007.03.28 06:50:18 | 000,046,592 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\winbondcir.sys -- (winbondcir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-60234808-489003216-2873783-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKU\S-1-5-21-60234808-489003216-2873783-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-60234808-489003216-2873783-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DF 28 FC 1F 50 6F CD 01 [binary data]
IE - HKU\S-1-5-21-60234808-489003216-2873783-1001\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKU\S-1-5-21-60234808-489003216-2873783-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-60234808-489003216-2873783-1001\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-60234808-489003216-2873783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-60234808-489003216-2873783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {aab35b56-0206-4472-9993-9cb5c09bb722}:1.5.5
FF - prefs.js..extensions.enabledAddons: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:2.0.7
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.08.22 10:07:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: D:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012.08.22 10:06:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2012.10.29 20:27:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: d:\Program Files (x86)\Mozilla Thunderbird\components [2012.08.06 12:19:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: d:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2012.10.29 20:27:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins
[2012.07.31 20:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Siebi\AppData\Roaming\mozilla\Extensions
[2012.10.24 07:35:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Siebi\AppData\Roaming\mozilla\Firefox\Profiles\f3f3o73t.default\extensions
[2012.08.29 07:56:19 | 000,000,000 | ---D | M] (Snip It! Button for eBay) -- C:\Users\Siebi\AppData\Roaming\mozilla\Firefox\Profiles\f3f3o73t.default\extensions\{aab35b56-0206-4472-9993-9cb5c09bb722}
[2012.09.11 09:49:19 | 000,341,143 | ---- | M] () (No name found) -- C:\Users\Siebi\AppData\Roaming\mozilla\firefox\profiles\f3f3o73t.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2012.07.31 21:00:18 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: VLC Web Plugin (Enabled) = d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - Extension: Google Drive = C:\Users\Siebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Siebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Siebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Siebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.12.04 15:31:41 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-60234808-489003216-2873783-1001..\Run: [Akamai NetSession Interface] C:\Users\Siebi\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-60234808-489003216-2873783-1001..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-60234808-489003216-2873783-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-60234808-489003216-2873783-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-60234808-489003216-2873783-1001\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-60234808-489003216-2873783-1001\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-60234808-489003216-2873783-1001\..Trusted Domains: samsungsetup.com ([www] http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-60234808-489003216-2873783-1001\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-60234808-489003216-2873783-1001\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.102 80.69.103.78 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD48AFDF-8940-43FB-B2D1-27730181C252}: DhcpNameServer = 80.69.100.102 80.69.103.78 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E93320C2-FACB-4948-8064-F15375C4C6DF}: DhcpNameServer = 80.69.100.182 80.69.100.174 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.09.07 22:22:59 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2012.09.08 06:39:06 | 000,000,000 | ---D | M] - D:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {296DF24B-595A-9E08-C934-1C7AE31DF2D4} - Browser Customizations
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3365D4F1-1916-1E61-EC03-3D74C75E0426} - Microsoft Windows Media Player
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {605E8D1D-0583-374E-E35E-4AD3373F9064} - Microsoft Windows Media Player
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {9AF8939C-1D6A-B0AB-F7EA-1FAB60445CE1} - Themes Setup
ActiveX:64bit: {B009AA63-54A0-60CD-5BEE-B1E86D7032BB} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {D22A70E0-64FF-0C00-AF53-8BA0E2C0E4B4} - Offline Browsing Pack
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {F8C3C7B1-C463-43C5-B6CF-A0CD4A866E83} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.12.04 16:54:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.04 15:34:01 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.12.04 15:26:00 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.04 15:26:00 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.04 15:26:00 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.04 15:25:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.04 15:25:48 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.11.25 23:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.11.25 23:26:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.11.25 23:26:13 | 000,000,000 | ---D | C] -- C:\Users\Siebi\AppData\Local\Google
[2012.11.14 08:50:36 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.14 08:50:36 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.14 08:46:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.14 08:46:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.14 08:46:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.14 08:46:47 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.14 08:46:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.14 08:46:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.14 08:46:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.11.14 08:46:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.14 08:46:46 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.11.14 08:46:46 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.11.14 08:46:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.14 08:46:46 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.14 08:46:45 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.14 08:46:45 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.14 08:46:44 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.14 08:44:57 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.14 08:44:57 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.14 08:44:56 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.14 08:44:56 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.14 08:36:17 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.14 08:36:17 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.14 08:36:17 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.14 08:36:15 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.11.14 08:36:15 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.14 08:36:15 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.14 08:36:15 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.14 08:36:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.14 08:36:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.14 08:36:10 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.14 08:36:10 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.04 22:59:11 | 000,047,074 | ---- | M] () -- C:\Users\Siebi\Desktop\Wegzeitrechner - CT.ods
[2012.12.04 22:31:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.04 18:59:38 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.04 18:59:38 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.04 18:56:59 | 001,633,180 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.04 18:56:59 | 000,933,826 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.04 18:56:59 | 000,450,628 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.04 18:56:59 | 000,392,006 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.04 18:56:59 | 000,006,248 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.04 18:52:38 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.04 18:52:36 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012.12.04 18:52:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.04 18:52:19 | 3143,258,112 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.04 15:31:41 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.12.02 20:32:26 | 000,015,501 | ---- | M] () -- C:\Users\Siebi\Desktop\Liste.ods
[2012.12.01 16:49:28 | 000,027,270 | ---- | M] () -- C:\Users\Siebi\Desktop\Brückenbau.ods
[2012.12.01 11:01:23 | 000,001,013 | ---- | M] () -- C:\Users\Siebi\Desktop\Wegzeitrechner.csv
[2012.11.30 22:55:06 | 000,527,417 | ---- | M] () -- C:\Users\Siebi\Desktop\Vorlage_Kuendigung_Autoversicherung.pdf
[2012.11.28 10:07:45 | 000,042,870 | ---- | M] () -- C:\Users\Siebi\Desktop\Wegzeitrechner.ods
[2012.11.27 23:48:19 | 001,278,203 | ---- | M] () -- C:\Users\Siebi\Desktop\Siebol.de_sign LOGO.ai
[2012.11.27 21:37:52 | 001,461,714 | ---- | M] () -- C:\Users\Siebi\Desktop\SIEBOLD DESIGN.ai
[2012.11.25 23:26:56 | 000,002,273 | ---- | M] () -- C:\Users\Siebi\Desktop\Google Chrome.lnk
[2012.11.15 11:44:14 | 004,963,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.08 12:00:49 | 000,020,223 | ---- | M] () -- C:\Users\Siebi\Desktop\wagen teile.pdf
[2012.11.06 23:06:43 | 000,075,776 | ---- | M] () -- C:\Users\Siebi\Documents\Seitenteil.ipt
[2012.11.06 23:06:43 | 000,070,656 | ---- | M] () -- C:\Users\Siebi\Documents\Baugruppe1.iam
[2012.11.06 23:06:36 | 000,268,192 | ---- | M] () -- C:\Users\Siebi\Documents\Langes Brett.dwg
[2012.11.06 23:06:35 | 000,083,456 | ---- | M] () -- C:\Users\Siebi\Documents\Rad.ipt
[2012.11.06 23:06:27 | 000,603,072 | ---- | M] () -- C:\Users\Siebi\Documents\Puppenwagen V4.dwg
[2012.11.06 23:06:19 | 000,073,728 | ---- | M] () -- C:\Users\Siebi\Documents\Puppenwagen V4.iam
[2012.11.06 21:11:29 | 000,050,688 | ---- | M] () -- C:\Users\Siebi\Documents\Bauteil2.ipt
[2012.11.06 21:01:16 | 000,078,848 | ---- | M] () -- C:\Users\Siebi\Documents\Stange.ipt
[2012.11.06 20:40:02 | 000,077,824 | ---- | M] () -- C:\Users\Siebi\Documents\querbrett.ipt
[2012.11.06 16:30:55 | 000,200,192 | ---- | M] () -- C:\Users\Siebi\Documents\kinderwagen version 4.ipt
[2012.11.06 16:26:53 | 000,073,728 | ---- | M] () -- C:\Users\Siebi\Documents\Langes Brett.ipt
[2012.11.06 16:26:41 | 000,073,728 | ---- | M] () -- C:\Users\Siebi\Documents\Kurzes Brett.ipt
[2012.11.06 10:13:47 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.06 10:13:47 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.04 16:55:00 | 000,047,074 | ---- | C] () -- C:\Users\Siebi\Desktop\Wegzeitrechner - CT.ods
[2012.12.04 15:26:00 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.04 15:26:00 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.04 15:26:00 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.04 15:26:00 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.04 15:26:00 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.01 11:03:18 | 000,027,270 | ---- | C] () -- C:\Users\Siebi\Desktop\Brückenbau.ods
[2012.12.01 11:00:57 | 000,001,013 | ---- | C] () -- C:\Users\Siebi\Desktop\Wegzeitrechner.csv
[2012.11.30 22:49:39 | 000,527,417 | ---- | C] () -- C:\Users\Siebi\Desktop\Vorlage_Kuendigung_Autoversicherung.pdf
[2012.11.27 21:55:48 | 001,278,203 | ---- | C] () -- C:\Users\Siebi\Desktop\Siebol.de_sign LOGO.ai
[2012.11.27 21:37:51 | 001,461,714 | ---- | C] () -- C:\Users\Siebi\Desktop\SIEBOLD DESIGN.ai
[2012.11.25 23:26:56 | 000,002,273 | ---- | C] () -- C:\Users\Siebi\Desktop\Google Chrome.lnk
[2012.11.25 23:26:16 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.25 23:26:16 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.25 10:31:05 | 000,042,870 | ---- | C] () -- C:\Users\Siebi\Desktop\Wegzeitrechner.ods
[2012.11.14 08:50:37 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.14 08:44:56 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.08 12:00:49 | 000,020,223 | ---- | C] () -- C:\Users\Siebi\Desktop\wagen teile.pdf
[2012.11.06 23:06:41 | 000,070,656 | ---- | C] () -- C:\Users\Siebi\Documents\Baugruppe1.iam
[2012.11.06 21:12:26 | 000,075,776 | ---- | C] () -- C:\Users\Siebi\Documents\Seitenteil.ipt
[2012.11.06 21:11:29 | 000,050,688 | ---- | C] () -- C:\Users\Siebi\Documents\Bauteil2.ipt
[2012.11.06 21:00:32 | 000,078,848 | ---- | C] () -- C:\Users\Siebi\Documents\Stange.ipt
[2012.11.06 20:48:18 | 000,083,456 | ---- | C] () -- C:\Users\Siebi\Documents\Rad.ipt
[2012.11.06 20:36:05 | 000,077,824 | ---- | C] () -- C:\Users\Siebi\Documents\querbrett.ipt
[2012.11.06 16:26:21 | 000,073,728 | ---- | C] () -- C:\Users\Siebi\Documents\Kurzes Brett.ipt
[2012.11.06 16:26:06 | 000,073,728 | ---- | C] () -- C:\Users\Siebi\Documents\Langes Brett.ipt
[2012.08.04 19:05:27 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv6
[2012.08.02 23:34:47 | 001,594,122 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.31 20:53:27 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2012.07.31 20:53:27 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2012.07.31 20:53:27 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2012.07.31 20:53:27 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2012.07.31 20:36:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.31 16:49:04 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2012.07.31 16:49:03 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2012.07.31 16:49:03 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2012.07.31 16:49:03 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2012.07.31 16:49:01 | 000,000,542 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Custom Scans ==========
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "D:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012.10.29 20:27:55 | 000,891,808 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "D:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012.10.29 20:27:55 | 000,891,808 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "D:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012.10.29 20:27:55 | 000,891,808 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: D:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012.10.29 20:27:55 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "D:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012.10.29 20:27:55 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "D:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012.10.29 20:27:55 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012.11.28 04:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012.11.28 04:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012.11.28 04:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012.11.28 04:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012.07.31 20:42:13 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012.07.31 20:42:13 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012.07.31 20:42:13 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012.10.08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2012.10.08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "D:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012.10.29 20:27:55 | 000,891,808 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "D:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012.10.29 20:27:55 | 000,891,808 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "D:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012.10.29 20:27:55 | 000,891,808 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: D:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012.10.29 20:27:55 | 000,917,984 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "D:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012.10.29 20:27:55 | 000,917,984 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "D:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012.10.29 20:27:55 | 000,917,984 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012.11.28 04:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012.11.28 04:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012.11.28 04:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012.11.28 04:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012.07.31 20:42:13 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012.07.31 20:42:13 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012.07.31 20:42:13 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012.10.08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2012.10.08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
========== Alternate Data Streams ==========
@Alternate Data Stream - 1354 bytes -> C:\Users\Siebi\AppData\Local\RzHNbJAiamaz:oxHURFMCPvRv7tisG5D5
< End of report >
--- --- ---
Teil 2:
OTL Logfile: Code:
OTL Extras logfile created on: 04.12.2012 23:03:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Siebi\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,90 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 72,92% Memory free
7,80 Gb Paging File | 6,64 Gb Available in Paging File | 85,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 6,69 Gb Free Space | 11,99% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 36,89 Gb Free Space | 12,38% Space Free | Partition Type: NTFS
Drive E: | 246,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 465,76 Gb Total Space | 338,20 Gb Free Space | 72,61% Space Free | Partition Type: NTFS
Computer Name: SIEBI-LAPPI | User Name: Siebi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-60234808-489003216-2873783-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0685EFB5-257A-49F5-9153-744388BE2877}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{14B384F7-6425-4D38-AF14-28D167B11EED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{208F7ACC-2317-4E59-8B8B-D7B6097DE5B7}" = lport=138 | protocol=17 | dir=in | app=system |
"{220B4EEF-28E9-4E7A-84C3-50BD679FD0D9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2E638299-9942-4E45-91AA-7CD580122A16}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{31A840EF-5CD1-4527-B255-BC13EFD43A3E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{37E17BFD-34B9-443F-BC70-3B10EFF8F5A0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{395791BA-C076-4367-8CE4-9C4323D2FB3F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{403519EA-BB80-4C85-BB9A-5D45FFCD19F2}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4B753991-4CF5-4AE6-A938-B2AB876074A6}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.5 |
"{5B00F02C-2312-45CD-9B26-4ABC2328BD29}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5FB7D991-641D-4BED-A019-0FF23DF90A59}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{62E7EA8C-6EDF-442B-97C0-3807105EB0C3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{65AEB796-7618-4CC5-B6AC-45EEE1442935}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6722B57C-4194-4294-A3A8-036E19328E3A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6F186E97-BA14-4A75-8F2D-1D9A99134DEF}" = rport=445 | protocol=6 | dir=out | app=system |
"{715B29C0-889A-4491-A5F6-5662C822413A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7C8D196C-891C-4816-82CA-CE56A00039D6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{818B9125-4F8E-43D7-B829-AE2C8F1E0D11}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82F64DA0-B335-4C7E-B42C-9B3B234603AD}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{99E88D67-5DE4-4DA5-8CD3-3D974B4FAC1E}" = lport=445 | protocol=6 | dir=in | app=system |
"{A3483EBD-5282-49D6-91F2-1CA6024D9D51}" = rport=138 | protocol=17 | dir=out | app=system |
"{AE20D6CA-D493-4A24-A7FD-6B9B4E4A8FA0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6F6E837-56A4-474C-938A-B1E22FAC5FF2}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B7979ADD-93B0-49A0-B96C-3B46FE815A6A}" = lport=137 | protocol=17 | dir=in | app=system |
"{BC3A91F9-058E-4745-96D4-73AC0EB221AF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BDADB5D9-8688-4B1E-9BEA-6DDADC8DD8DC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C1DDB275-D9C9-4E97-8CF2-18BF5287AFC1}" = lport=139 | protocol=6 | dir=in | app=system |
"{CEBB4C14-3068-4BAE-966E-6FD901A03738}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D9658A52-4BD6-4C47-8AB8-62E6334D1ED7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D980887A-541C-4EC0-8E5A-793EF2C59BD6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DC64A259-8AAA-4FCF-BBDD-E8B6637797F9}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E0D85A91-19C5-4E4C-A0ED-B5D8D58BB868}" = rport=2869 | protocol=6 | dir=out | app=system |
"{E221AAA7-CE30-4BA8-8714-B91462BD9B44}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E44CC5BF-7EBB-4E82-9C95-1F5EAE246FB6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EC65DA39-4A24-4F4F-BBE0-0E854037D90E}" = rport=137 | protocol=17 | dir=out | app=system |
"{F74280A9-D5F9-491E-820F-456760570802}" = rport=139 | protocol=6 | dir=out | app=system |
"{FBF2689A-F6F6-45F2-B384-90C2AE1E7356}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FCC0ACEB-7184-4985-8232-8A7C9572F95F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FDB9777A-584C-4F45-BEB9-2818433C1309}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0159102D-FE60-4546-9EE3-A54373901BC7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0168E29C-BE08-48AC-B340-35829CC49203}" = protocol=6 | dir=in | app=c:\program files (x86)\twonkymedia\twonkymediaserverwatchdog.exe |
"{057BCB63-FBB9-49FE-81F8-EBBA1C6F41CA}" = protocol=6 | dir=out | app=system |
"{058DE6D3-006E-442A-B67B-375E249D4CA7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{12BD9C37-B09E-42DD-B686-C7DDD8E834A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1E742217-4E2F-45CC-B9A8-CC22D7A0BBE4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2381F224-DEC2-4193-B91B-A67DE14873D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4010C1C5-6120-47B6-B65B-824AA9D7B8DC}" = protocol=17 | dir=in | app=c:\program files (x86)\twonkymedia\twonkymediaserver.exe |
"{41552D19-769E-4D00-B313-95769BFE9686}" = protocol=6 | dir=in | app=d:\program files\software4u\idevice manager\software4u.idevicemanager.exe |
"{455AD853-F441-4BEE-8955-1E7DC8C796D2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4DC64941-E69E-43B2-B9AD-A6F74CC97B6C}" = protocol=6 | dir=in | app=d:\program files\adobe\adobe flash builder 4.5\flashbuilder.exe |
"{50271CFF-7663-47F7-A30C-9AC8FE413A56}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{52878666-7383-463F-B133-31C9B71F6134}" = protocol=17 | dir=in | app=d:\program files (x86)\iomega\discovery tool home\discovery home.exe |
"{52AFDBA4-9E1F-4814-99B2-B035AE1F93B2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{561C71A6-9BD6-433A-B497-C9D68825F2EA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{571D607A-2D88-4576-9D42-B42A91118BC6}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{6B7E79E0-0943-4C53-B9A1-2AFBD7FE37F7}" = protocol=17 | dir=in | app=d:\program files\adobe\adobe flash builder 4.5\flashbuilder.exe |
"{6CF68581-0792-4B4E-BB1E-152DC4A4CCDA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{6FA38EEB-06A5-4469-BE9F-16FB7CB8C324}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{729748E1-984B-4DDE-81A8-C234D33550EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{740D1A93-6B89-4FE8-BD7E-C1ED93B016D6}" = protocol=17 | dir=in | app=d:\program files\software4u\idevice manager\software4u.idevicemanager.exe |
"{7C01AFA2-5E8F-4AE6-898E-D2ACB32E1A8E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7D6EB6ED-7CCF-411D-B963-1093780B9C03}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{8A6A5B46-4818-45B8-B3A6-EA5C0B3C6348}" = protocol=6 | dir=in | app=d:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{8AC6BA82-D453-4F80-8515-8E2F0A3A3B8F}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{8D990135-1754-4FC7-A4F2-8D7E32EF5162}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8F7252B1-547C-4142-8BDC-D56FD9B57CDB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{95B1DFF6-F957-47AD-BD31-238F1E377584}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9C55FDBE-028F-4953-BF16-0C0BB4B6C864}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9D435145-3AF7-4A2B-B688-00F47076AF53}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A3906316-A67B-4637-A131-F00B476D8F13}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{A6FC4BE5-3689-4BC6-8D3A-813AB6617EC7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A7455575-D620-49FB-B152-162753705AF9}" = protocol=6 | dir=in | app=d:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_64.exe |
"{A8512FC4-B5A6-4C4B-8DF9-FF98C3781AAD}" = protocol=17 | dir=in | app=d:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_64server.exe |
"{B2DEB9AA-C24F-4513-AC87-49FA054B614B}" = dir=in | app=d:\program files (x86)\itunes\itunes.exe |
"{B56A82EA-15A8-430B-B9CE-F33E1F0FF465}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BEB92122-7D75-4158-AEA4-E0C6650C7885}" = protocol=6 | dir=in | app=c:\program files (x86)\twonkymedia\twonkymediaserver.exe |
"{CC34DA4D-C383-4455-AA6A-14FB6A9F58B9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D01A44C3-117C-4F76-AAEC-38374995D0F7}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{D269D2C5-65A5-47DB-9BA3-66BDBC1A4877}" = protocol=17 | dir=in | app=d:\program files\autodesk\3ds max 2013\3dsmax.exe |
"{D5FD933A-2C23-4CFC-8870-9B0AC071D550}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{D95C82E3-78D8-4E4E-A6FA-A5532BDAF568}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{DD2D7F70-1C70-4EC1-889F-A6F864FD2E71}" = protocol=6 | dir=in | app=d:\program files (x86)\iomega\discovery tool home\discovery home.exe |
"{E647F24E-AC4B-4698-9491-34FFE54F4774}" = protocol=6 | dir=in | app=d:\program files\autodesk\3ds max 2013\3dsmax.exe |
"{E84A76ED-77E8-4A1D-957F-6757E0B6181D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E9F0F513-DA00-4975-B118-91A1F44DB43C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EA6CA3E7-4B8D-4C21-9577-173DD34E42B2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F54EA94F-CA7D-4338-AE98-6879DD797CBC}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{F67C5862-00EE-434C-9067-E46B7D6099CB}" = protocol=17 | dir=in | app=c:\program files (x86)\twonkymedia\twonkymediaserverwatchdog.exe |
"{F7C27FDE-4126-4DA2-853B-28C5CADAEC51}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FB0D987B-7881-4147-A828-8139A36606D9}" = protocol=6 | dir=in | app=d:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_64server.exe |
"{FED9FD0A-A7C6-4FC4-A302-90E97FEC7BD4}" = protocol=17 | dir=in | app=d:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_64.exe |
"{FF158508-9A18-4B75-B134-D2C88D717D3A}" = protocol=17 | dir=in | app=d:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"TCP Query User{14D61502-AABC-4FE5-929D-2B280E72075E}D:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=d:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{1E771D33-1F46-4066-8808-2AB9699A2B16}D:\program files (x86)\iomega\discovery tool home\discovery home.exe" = protocol=6 | dir=in | app=d:\program files (x86)\iomega\discovery tool home\discovery home.exe |
"TCP Query User{257CAC12-6E8F-46EE-906A-C4E436EC78F1}D:\program files (x86)\iomega storage manager\iomegastoragemanager.exe" = protocol=6 | dir=in | app=d:\program files (x86)\iomega storage manager\iomegastoragemanager.exe |
"TCP Query User{458E9D0F-B5B3-4A4A-839B-B2C45EA1F3AF}C:\users\siebi\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\siebi\appdata\local\akamai\netsession_win.exe |
"TCP Query User{4A11545D-14C3-4969-A451-79FF28EF0D1F}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\iomega\home storage manager\iomega storage manager.exe |
"TCP Query User{5AD02549-854F-4B3E-908E-2AA3EE2971D3}C:\program files (x86)\iomega\home storage manager\iomega discovery.exe" = protocol=6 | dir=in | app=c:\program files (x86)\iomega\home storage manager\iomega discovery.exe |
"TCP Query User{854BE249-2E46-46E7-B787-F085DF354549}D:\program files\autodesk\showcase 2013\bin\showcase.exe" = protocol=6 | dir=in | app=d:\program files\autodesk\showcase 2013\bin\showcase.exe |
"TCP Query User{87291A74-0FA2-4679-BBE0-78C7750A20D2}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\iomega\home storage manager\iomega storage manager.exe |
"TCP Query User{8FD1C42B-6759-475E-8A7C-0B657AA8C374}C:\users\siebi\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\siebi\appdata\local\akamai\netsession_win.exe |
"TCP Query User{9B6D5689-3B39-4E52-AA37-EE7CDD4B4B2A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{C857A31A-9ACC-48B6-A627-C319B3390009}D:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=d:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{D85C7314-3731-4FE6-A57F-05AB29E96539}C:\program files (x86)\iomega\home storage manager\iomega discovery.exe" = protocol=6 | dir=in | app=c:\program files (x86)\iomega\home storage manager\iomega discovery.exe |
"TCP Query User{EBF60DCB-3292-416B-AD2E-DDAC694C36CA}D:\program files (x86)\iomega storage manager\iomegastoragemanager.exe" = protocol=6 | dir=in | app=d:\program files (x86)\iomega storage manager\iomegastoragemanager.exe |
"UDP Query User{15573B22-E08A-4595-9825-E9CA00C0F1DE}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\iomega\home storage manager\iomega storage manager.exe |
"UDP Query User{2E9D9A5D-9F46-43BE-9F63-37D6BC131A7B}D:\program files (x86)\iomega storage manager\iomegastoragemanager.exe" = protocol=17 | dir=in | app=d:\program files (x86)\iomega storage manager\iomegastoragemanager.exe |
"UDP Query User{461F6DC3-1C57-49D7-BE3F-885492711630}C:\program files (x86)\iomega\home storage manager\iomega discovery.exe" = protocol=17 | dir=in | app=c:\program files (x86)\iomega\home storage manager\iomega discovery.exe |
"UDP Query User{47B711E5-E634-41C3-9C7F-8232649F29F2}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{4F3F9E0F-4431-4EA5-A3E5-E831FAAACDD6}D:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=d:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{4F4C98E8-CFA9-4A7A-819A-62339C23E260}C:\users\siebi\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\siebi\appdata\local\akamai\netsession_win.exe |
"UDP Query User{8D612A24-E72C-41E3-A87F-B0E3E608425E}C:\users\siebi\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\siebi\appdata\local\akamai\netsession_win.exe |
"UDP Query User{9E9034DE-130E-49E7-B0EA-0E9FA04FACF4}D:\program files (x86)\iomega\discovery tool home\discovery home.exe" = protocol=17 | dir=in | app=d:\program files (x86)\iomega\discovery tool home\discovery home.exe |
"UDP Query User{A0204934-4E19-4527-832B-2B6C100C5679}C:\program files (x86)\iomega\home storage manager\iomega discovery.exe" = protocol=17 | dir=in | app=c:\program files (x86)\iomega\home storage manager\iomega discovery.exe |
"UDP Query User{ABACD47B-0ABD-478B-AC78-E32886F60F37}D:\program files (x86)\iomega storage manager\iomegastoragemanager.exe" = protocol=17 | dir=in | app=d:\program files (x86)\iomega storage manager\iomegastoragemanager.exe |
"UDP Query User{BA7363AB-4FAA-492D-A104-8DCDB7A4178B}D:\program files\autodesk\showcase 2013\bin\showcase.exe" = protocol=17 | dir=in | app=d:\program files\autodesk\showcase 2013\bin\showcase.exe |
"UDP Query User{C1F198A6-5D7D-450D-A0B9-10E2126269A1}D:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=d:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{C28961EC-78DE-42DD-860C-DE7D72575615}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\iomega\home storage manager\iomega storage manager.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{06E18300-BB64-1664-8E6A-2593FC67BB74}" = Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bit
"{08BCFE15-8AA1-4A58-B018-4FEF486BA922}" = Autodesk Inventor Fusion for Inventor 2013 Add-in
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0F30B978-3536-0409-BC9C-0A2FB4C35EFC}" = Autodesk 3ds Max 2013 64-bit
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{266597A9-1764-0000-0100-DCBF2B69166B}" = Autodesk Vault Basic 2013 (Client) German Language Pack
"{2F808931-D235-4FC7-90CD-F8A890C97B2F}" = Composite 2013 64-bit
"{324297F8-2898-454B-9AC4-07050AEB35B3}" = Autodesk DirectConnect 2013 64-bit
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{517AA17F-407C-4D2D-8A0C-56F1F989F870}" = O2Micro Flash Memory Card Windows Driver
"{5783F2D7-B028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2013
"{696BB53C-28E6-1664-974E-D42FFF5B8E04}" = Autodesk Inventor Server Engine for 3ds Max 2013 64-bit
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{792A9A32-718A-40D1-9867-A903F76AE2F8}" = Eco Materials Adviser for Autodesk Inventor 2013
"{7EDE5B68-1FB0-405D-88F0-A34236002DA8}" = Autodesk Essential Skills Movies for 3ds Max 2013 64-bit
"{7F4DD591-1764-0001-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2013
"{7F4DD591-1764-0001-1031-7107D70F3DB4}" = Autodesk Inventor Professional 2013 Language Pack - Deutsch (German)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A15BFC7D-6A90-47E6-8C6E-D51B2929D8C8}" = Autodesk Showcase 2013 64-bit
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B46DECD1-1764-4EF1-0000-22D71E81877C}" = Autodesk Inventor Content Center Libraries 2013 (Desktop Content)
"{C1AE48E1-5918-1BAD-0782-49FD7E643DB3}" = ATI AVIVO64 Codecs
"{C6735B9F-CD23-7083-9DA0-BBC204C627D1}" = ccc-utility64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CF526A26-1764-0000-0000-02E95019B628}" = Autodesk Vault Basic 2013 (Client)
"{D25FF5C1-1764-469A-9794-69309387C193}" = Schnell-Deinstallations-Tool für Autodesk Inventor 2013
"{E9FAEC29-DCA3-F797-55D6-1EB0A5A166A1}" = ATI Catalyst Install Manager
"{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}" = Autodesk Sync
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FFF5619F-2013-0064-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2013
"Autodesk 3ds Max 2013 64-bit" = Autodesk 3ds Max 2013 64-bit
"Autodesk DirectConnect 2013 64-bit" = Autodesk DirectConnect 2013 64-bit
"Autodesk FBX Plug-in 2013.1 - 3ds Max 2013 64-bit" = Autodesk FBX Plug-in 2013.1 - 3ds Max 2013 64-bit
"Autodesk Inventor Fusion 2013" = Autodesk Inventor Fusion 2013
"Autodesk Inventor Professional 2013" = Autodesk Inventor Professional 2013 Deutsch (German)
"Autodesk Showcase 2013 64-bit" = Autodesk Showcase 2013 64-bit
"DWG TrueView 2013" = DWG TrueView 2013
"FE5AE7DC-7B01-4263-A94C-B4526C276550_is1" = iDevice Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01F4DB7F-3C64-9AF5-4003-D0207A47C0C0}" = CCC Help Greek
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1" = System.Data.SQLite v1.0.81.0
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{051ACBD0-2D55-5189-5AA8-E8BCE8AF6754}" = CCC Help Chinese Traditional
"{05702AF5-BA53-8E12-EE03-6C42170DCB7C}" = CCC Help Japanese
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0CE2AE80-2759-0986-DA8E-DEBC3EB96C70}" = Catalyst Control Center Localization All
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{132E5B4B-1E1D-EC92-54C2-9359EDB96197}" = CCC Help Italian
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{183B008B-7A90-37C7-66A6-598D0B1E1CF9}" = Catalyst Control Center Graphics Full New
"{1ADFC547-FFD2-EEF9-ADBE-86014A8580DC}" = CCC Help English
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FA83AF5-C201-4E45-BBBD-79E8ABADE53E}" = Catalyst Control Center - Branding
"{2251188B-7A66-0F65-5AF2-664B128E2419}" = CCC Help Swedish
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}" = Autodesk Material Library Low Resolution Image Library 2013
"{2B1E396B-036B-208A-B71A-48457D0204D3}" = CCC Help French
"{2F6CA58B-63B3-E3F0-1C5D-F2697E1AC76B}" = CCC Help German
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{35D53BD3-8565-3712-46DB-C3B6F9EBF65F}" = CCC Help Czech
"{39796CE0-67F7-1563-4752-CC8A4388309C}" = CCC Help Korean
"{3B16D652-425D-A278-6E5F-1C1A14527F55}" = CCC Help Danish
"{3D2EC303-579B-D414-567A-46073404D982}" = Catalyst Control Center Graphics Previews Vista
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2013.0.0
"{416228B6-4CCE-80F1-DBAC-E9231677119F}" = CCC Help Dutch
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{48E8AD47-3A4F-CA5D-893F-B3A5BF898951}" = Catalyst Control Center Graphics Full Existing
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{58760EEC-8B6A-43F4-81AA-696E381DFADD}" = Autodesk Material Library Medium Resolution Image Library 2013
"{5D380ADB-9F25-D91D-C530-9110566380B0}" = CCC Help Turkish
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{67766DDD-8906-F54D-D43C-ED903F47226E}" = CCC Help Polish
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{78485BA2-9A57-863D-A8BD-047411DA6B71}" = CCC Help Portuguese
"{785DBC50-4A56-AC28-962D-C410E903BFBC}" = CCC Help Hungarian
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8600BBA8-00CA-6F8E-DAD7-656DA7E8CC29}" = Catalyst Control Center InstallProxy
"{8835415D-0502-65E3-823B-E38E04D5B386}" = CCC Help Norwegian
"{929AD7C2-B82B-83D0-A212-CD6EEB7F3FD2}" = ccc-core-static
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9649286F-2787-EAEC-8A7D-743849E1F343}" = CCC Help Russian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E543FE-F71A-F8C3-FA1F-5E8B20DD0457}" = Catalyst Control Center Graphics Light
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{B001064C-D061-4BAE-9031-416A838D5536}" = Adobe Flash Player 10 ActiveX
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B758D954-BAD3-C1EA-2570-3C605F17CF9F}" = CCC Help Thai
"{BB95AEB1-D017-1861-CC1F-9DDC092F7DAB}" = CCC Help Finnish
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{CCA78313-443C-4674-81B8-88919D137258}" = Autodesk Download Manager
"{CD7AFCE6-E0F8-D256-0A10-3627EE6445A0}" = CCC Help Chinese Standard
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2EC19B8-DF0D-4EBF-C505-B6E8C5AAFAE7}" = Catalyst Control Center Core Implementation
"{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAA48F00-3912-DD08-0510-8C437D00C022}" = CCC Help Spanish
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F6E36639-10C8-4FAD-AF1F-E84D5B6653D1}" = FontLab Studio 5
"1489-3350-5074-6281" = JDownloader 0.9
"A309 DeviceStage" = A309 DeviceStage 1.0.0.1
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"Autodesk Vault Basic 2013 (Client)" = Autodesk Vault Basic 2013 (Client)
"AVerMedia A309 (MiniCard, DVB-T)" = AVerMedia A309 (MiniCard, DVB-T) 1.0.64.61
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"FE5AE7DC-7B01-4263-A94C-B4526C276550_is1" = iDevice Manager
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"InstallShield_{517AA17F-407C-4D2D-8A0C-56F1F989F870}" = O2Micro Flash Memory Card Windows Driver
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Mozilla Thunderbird 11.0.1 (x86 de)" = Mozilla Thunderbird 11.0.1 (x86 de)
"VLC media player" = VLC media player 2.0.3
"Zahlenzauber 1_is1" = Zahlenzauber 1
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-60234808-489003216-2873783-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"SOE-DC Universe Online Live" = DC Universe Online Live
"SOE-DC Universe Online Live (2)" = DC Universe Online Live (2)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 04.12.2012 12:45:02 | Computer Name = Siebi-Lappi | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 04.12.2012 12:45:02 | Computer Name = Siebi-Lappi | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error - 04.12.2012 13:55:20 | Computer Name = Siebi-Lappi | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 04.12.2012 13:55:20 | Computer Name = Siebi-Lappi | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 04.12.2012 13:55:20 | Computer Name = Siebi-Lappi | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error - 04.12.2012 13:56:56 | Computer Name = Siebi-Lappi | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 04.12.2012 13:56:56 | Computer Name = Siebi-Lappi | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 04.12.2012 13:56:56 | Computer Name = Siebi-Lappi | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error - 04.12.2012 16:58:33 | Computer Name = Siebi-Lappi | Source = MsiInstaller | ID = 11310
Description =
Error - 04.12.2012 16:58:54 | Computer Name = Siebi-Lappi | Source = MsiInstaller | ID = 11310
Description =
[ System Events ]
Error - 03.12.2012 18:17:07 | Computer Name = Siebi-Lappi | Source = ipnathlp | ID = 31004
Description =
Error - 04.12.2012 08:27:37 | Computer Name = Siebi-Lappi | Source = ipnathlp | ID = 31004
Description =
Error - 04.12.2012 09:41:14 | Computer Name = Siebi-Lappi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?04.?12.?2012 um 14:39:50 unerwartet heruntergefahren.
Error - 04.12.2012 09:44:38 | Computer Name = Siebi-Lappi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?04.?12.?2012 um 14:43:02 unerwartet heruntergefahren.
Error - 04.12.2012 10:27:01 | Computer Name = Siebi-Lappi | Source = Service Control Manager | ID = 7034
Description = Dienst "mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit"
wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error - 04.12.2012 10:29:14 | Computer Name = Siebi-Lappi | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 04.12.2012 10:31:18 | Computer Name = Siebi-Lappi | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 04.12.2012 10:31:43 | Computer Name = Siebi-Lappi | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 04.12.2012 12:39:44 | Computer Name = Siebi-Lappi | Source = BugCheck | ID = 1001
Description =
Error - 04.12.2012 16:17:18 | Computer Name = Siebi-Lappi | Source = ipnathlp | ID = 31004
Description =
< End of report >
--- --- ---
Schritt 2: Zitat:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:20 on 04/12/2012 (Siebi)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed
Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-
| Schritt 3: Zitat:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-04 23:24:16
-----------------------------
23:24:16.763 OS Version: Windows x64 6.1.7601 Service Pack 1
23:24:16.763 Number of processors: 2 586 0x170A
23:24:16.764 ComputerName: SIEBI-LAPPI UserName: Siebi
23:24:16.914 Initialize success
23:24:29.626 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:24:29.630 Disk 0 Vendor: Corsair_ 2.0_ Size: 57241MB BusType: 3
23:24:29.635 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
23:24:29.639 Disk 1 Vendor: Hitachi_ PB3O Size: 305245MB BusType: 3
23:24:29.644 Disk 0 MBR read successfully
23:24:29.648 Disk 0 MBR scan
23:24:29.651 Disk 0 Windows 7 default MBR code
23:24:29.655 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
23:24:29.659 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 57139 MB offset 206848
23:24:29.665 Disk 0 scanning C:\Windows\system32\drivers
23:24:31.240 Service scanning
23:24:34.554 Modules scanning
23:24:34.570 Disk 0 trace - called modules:
23:24:34.579 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
23:24:34.588 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004f40060]
23:24:34.813 3 CLASSPNP.SYS[fffff88001bb743f] -> nt!IofCallDriver -> [0xfffffa8003cf5340]
23:24:34.823 5 ACPI.sys[fffff88000f7e7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8003e9c050]
23:24:34.835 Scan finished successfully
23:24:51.778 Disk 0 MBR has been saved successfully to "C:\Users\Siebi\Desktop\MBR.dat"
23:24:51.786 The log file has been saved successfully to "C:\Users\Siebi\Desktop\aswMBR.txt"
| |
AdwCleaner auf deinen Desktop.