Kirsche0815 | 27.03.2013 19:35 | hier die Logs
JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.3 (03.23.2013:1)
OS: Windows 7 Professional x86
Ran by Steffi Maaáen on 27.03.2013 at 18:56:35,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1128291690-297645493-3885562247-1002\software\microsoft\internet explorer\searchscopes\\DefaultScope
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_local_machine\software\babylon
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\pricegong
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\menuext\web-suche
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctl
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctl.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctlsecondary
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctlsecondary.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{e46c8196-b634-44a1-af6e-957c64278ab1}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{eee6c360-6118-11dc-9c72-001320c79847}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{eee6c360-6118-11dc-9c72-001320c79847}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\viewpoint"
Successfully deleted: [Folder] "C:\Users\Steffi Maaáen\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Steffi Maaáen\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Program Files\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files\viewpoint"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] C:\Users\Steffi Maaáen\AppData\Roaming\mozilla\firefox\profiles\dlpwjelg.default\user.js
Successfully deleted: [File] C:\Users\Steffi Maaáen\AppData\Roaming\mozilla\firefox\profiles\dlpwjelg.default\searchplugins\sweetim.xml
Successfully deleted the following from C:\Users\Steffi Maaáen\AppData\Roaming\mozilla\firefox\profiles\dlpwjelg.default\prefs.js
user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
user_pref("browser.search.order.1", "Search the web (Babylon)");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.autoRvrt", "false");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=110195&tt=270912_nocpc_3912_2");
user_pref("extensions.BabylonToolbar.babext", "babExt");
user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
user_pref("extensions.BabylonToolbar.bbDpng", 15);
user_pref("extensions.BabylonToolbar.cntry", "DE");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltSrch", false);
user_pref("extensions.BabylonToolbar.dfltlng", "en");
user_pref("extensions.BabylonToolbar.dfltsrch", "false");
user_pref("extensions.BabylonToolbar.envrmnt", "production");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.firstrun", false);
user_pref("extensions.BabylonToolbar.hdrMd5", "590832A9A31B73E91402D5106B47CDF0");
user_pref("extensions.BabylonToolbar.hmpg", false);
user_pref("extensions.BabylonToolbar.hrdid", "5e8a60090000000000000026c71c0e3b");
user_pref("extensions.BabylonToolbar.id", "5e8a60090000000000000026c71c0e3b");
user_pref("extensions.BabylonToolbar.instlDay", "15613");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.instlday", "15613");
user_pref("extensions.BabylonToolbar.instlref", "sst");
user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
user_pref("extensions.BabylonToolbar.keywordurl", "");
user_pref("extensions.BabylonToolbar.lastDP", 15);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1211:56:03");
user_pref("extensions.BabylonToolbar.lastdp", 30);
user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "11.0");
user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
user_pref("extensions.BabylonToolbar.newTab", false);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
user_pref("extensions.BabylonToolbar.newtab", "false");
user_pref("extensions.BabylonToolbar.newtaburl", "hxxp://search.babylon.com/?babsrc=NT_bb");
user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"29\",\"lastVrsn\":\"29\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0}");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.propectorlck", 73037538);
user_pref("extensions.BabylonToolbar.prtkDS", 1);
user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
user_pref("extensions.BabylonToolbar.sg", "azb");
user_pref("extensions.BabylonToolbar.smplGrp", "azb");
user_pref("extensions.BabylonToolbar.smplgrp", "azb");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.srcext", "ss");
user_pref("extensions.BabylonToolbar.srch", "");
user_pref("extensions.BabylonToolbar.srchprvdr", "");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=5e8a60090000000000000026c71c0e3b&q=");
user_pref("extensions.BabylonToolbar.tlbrid", "base");
user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=5e8a60090000000000000026c71c0e3b&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1211:56:03");
user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1211:56:03");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110195&tt=270912_nocpc_3912_2");
user_pref("extensions.BabylonToolbar_i.hardId", "5e8a60090000000000000026c71c0e3b");
user_pref("extensions.BabylonToolbar_i.id", "5e8a60090000000000000026c71c0e3b");
user_pref("extensions.BabylonToolbar_i.instlDay", "15444");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110819&tt=050412_30b&babsrc=NT_ss&mntrId=5e8a60090000000000000026c71c0e3b");
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1211:56:03");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Emptied folder: C:\Users\Steffi Maaáen\AppData\Roaming\mozilla\firefox\profiles\dlpwjelg.default\minidumps [165 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.03.2013 at 19:03:08,64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ adwCleaner:
AdwCleaner Logfile: Code:
# AdwCleaner v2.115 - Datei am 27/03/2013 um 19:07:55 erstellt
# Aktualisiert am 17/03/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : Steffi Maaßen - GVSSTEFFIMAAßEN
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Steffi Maaßen\Downloads\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gefunden : C:\END
Datei Gefunden : C:\Users\Steffi Maaßen\AppData\Roaming\Mozilla\Firefox\Profiles\dlpwjelg.default\searchplugins\safesearch.xml
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gefunden : HKLM\SOFTWARE\Software
Schlüssel Gefunden : HKLM\Software\Viewpoint
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16470
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
-\\ Mozilla Firefox v19.0.2 (de)
Datei : C:\Users\Steffi Maaßen\AppData\Roaming\Mozilla\Firefox\Profiles\dlpwjelg.default\prefs.js
Gefunden : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"29\",\"lastVrsn\":\"29\",\"vrsnLoad\[...]
-\\ Google Chrome v25.0.1364.172
Datei : C:\Users\Steffi Maaßen\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gefunden [l.34] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Gefunden [l.37] : keyword = "babylon.com",
Gefunden [l.40] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&tt=010412_crm&babsrc=SP_crm",
Gefunden [l.1805] : homepage = "hxxp://search.babylon.com/?affID=110195&tt=270912_nocpc_3912_2&babsrc=HP_ss&mntrId=5e8a60090000000000000026c71c0e3b",
Gefunden [l.2021] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/?affID=110195&tt=270912_nocpc_3912_2&babsrc=HP_ss&mntrId=5e8a60090000000000000026c71c0e3b" ]
*************************
AdwCleaner[R1].txt - [2659 octets] - [27/03/2013 19:07:55]
########## EOF - C:\AdwCleaner[R1].txt - [2719 octets] ########## --- --- ---
OTL:
OTL Logfile: Code:
OTL logfile created on: 3/27/2013 7:10:48 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Steffi Maaßen\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.93 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 57.90% Memory free
5.85 Gb Paging File | 4.00 Gb Available in Paging File | 68.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 280.79 Gb Total Space | 120.69 Gb Free Space | 42.98% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.47 Gb Free Space | 74.03% Space Free | Partition Type: FAT32
Computer Name: GVSSTEFFIMAAßEN | User Name: Steffi Maaßen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Steffi Maaßen\Downloads\adwcleaner.exe ()
PRC - C:\Users\Steffi Maaßen\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Program Files\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files\Haufe\iDesk\iDeskService\ideskservice.exe ()
PRC - C:\Program Files\Haufe\iDesk\iDeskService\ideskpython.exe (Haufe Mediengruppe)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Program Files\IDT\WDM\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\IDT\WDM\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
PRC - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe (Hewlett-Packard Development Company L.P.)
PRC - C:\Program Files\Sybase\SQL Anywhere 9\win32\dbsrv9.exe (iAnywhere Solutions, Inc.)
PRC - C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe (Portrait Displays, Inc.)
PRC - C:\Program Files\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe (Portrait Displays, Inc)
PRC - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
PRC - C:\Program Files\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc.)
PRC - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (McAfee, Inc.)
PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe ( Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
PRC - C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe (ActivIdentity)
PRC - C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
PRC - C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
PRC - C:\Program Files\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
PRC - C:\Program Files\Common Files\aol\1320602271\ee\aolsoftware.exe (America Online, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Users\Steffi Maaßen\Downloads\adwcleaner.exe ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a7424b1be331f4b534ea24e0c21dbe47\UIAutomationTypes.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\571b85634abf2fba6bab80c21a347081\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll ()
MOD - C:\windows\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.DLL ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\windows\assembly\GAC_MSIL\hpCASLLibrary\3.0.1.1__67b8d1b5179ba5f8\hpCASLLibrary.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll ()
MOD - C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_de_31bf3856ad364e35\WindowsBase.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_de_b77a5c561934e089\System.Core.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ()
========== Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (TeamViewer8) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (HRService) -- C:\Program Files\Haufe\iDesk\iDeskService\ideskservice.exe ()
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia)
SRV - (STacSV) -- C:\Program Files\IDT\WDM\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Program Files\IDT\WDM\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (HP Power Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Hewlett-Packard Company)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (Lexware_Professional_Datenbank) -- C:\Program Files\Sybase\SQL Anywhere 9\win32\dbsrv9.exe (iAnywhere Solutions, Inc.)
SRV - (HP Support Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (PdiService) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
SRV - (HP ProtectTools Service) -- C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
SRV - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company)
SRV - (DpHost) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc.)
SRV - (vcsFPService) -- C:\Windows\System32\vcsFPService.exe (Validity Sensors, Inc.)
SRV - (HpFkCryptService) -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (McAfee, Inc.)
SRV - (UNS) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (HPFSService) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
SRV - (FLCDLOCK) -- C:\Windows\System32\flcdlock.exe (Hewlett-Packard Ltd)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
SRV - (yksvc) -- C:\Windows\System32\yk62x86.dll (Marvell)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (RoxMediaDB10) -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions)
SRV - (ac.sharedstore) -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe (ActivIdentity)
SRV - (AOL ACS) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
========== Driver Services (SafeList) ==========
DRV - (ZTEusbser6k) -- system32\DRIVERS\ZTEusbser6k.sys File not found
DRV - (ZTEusbnmea) -- system32\DRIVERS\ZTEusbnmea.sys File not found
DRV - (ZTEusbmdm6k) -- system32\DRIVERS\ZTEusbmdm6k.sys File not found
DRV - (massfilter_hs) -- system32\drivers\massfilter_hs.sys File not found
DRV - (massfilter) -- system32\drivers\massfilter.sys File not found
DRV - (catchme) -- C:\Users\STEFFI~1\AppData\Local\Temp\catchme.sys File not found
DRV - (BCMH43XX) -- system32\DRIVERS\bcmwlhigh6.sys File not found
DRV - (aswSnx) -- C:\windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\windows\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRvrt) -- C:\windows\System32\drivers\aswRvrt.sys ()
DRV - (aswNdis2) -- C:\windows\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (aswFW) -- C:\windows\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswKbd) -- C:\windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (SbAlg) -- C:\windows\System32\drivers\SbAlg.sys (McAfee, Inc.)
DRV - (SbFsLock) -- C:\windows\System32\drivers\SbFsLock.sys (McAfee, Inc.)
DRV - (RsvLock) -- C:\windows\System32\drivers\rsvlock.sys (McAfee, Inc.)
DRV - (SafeBoot) -- C:\windows\System32\drivers\SafeBoot.sys ()
DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV - (risdpcie) -- C:\Windows\System32\drivers\risdpe86.sys (REDC)
DRV - (rimspci) -- C:\Windows\System32\drivers\rimspe86.sys (REDC)
DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation)
DRV - (rixdpcie) -- C:\Windows\System32\drivers\rixdpe86.sys (REDC)
DRV - (HECI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (DAMDrv) -- C:\Windows\System32\drivers\DAMDrv.sys (Hewlett-Packard Development Company L.P.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (WSDScan) -- C:\Windows\System32\drivers\WSDScan.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (hpdskflt) -- C:\Windows\System32\drivers\hpdskflt.sys (Hewlett-Packard)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (MfeAVFK) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfetdik) -- C:\Windows\System32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (MfeBOPK) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MfeRKDK) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (wanatw) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (PDNMp50) -- C:\Windows\System32\drivers\PDNMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PDNSp50) -- C:\Windows\System32\drivers\PDNSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKLM\..\SearchScopes\{009652DF-1177-499A-872B-B3D00B1A74F8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=19.9.0.9
IE - HKU\S-1-5-19\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=19.9.0.9
IE - HKU\S-1-5-20\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=19.9.0.9
IE - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..\URLSearchHook: - C:\Program Files\Serif\PanoramaPlus\3.0\Program\PanoramaPlus.exe (Serif (Europe) Ltd.)
IE - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..\SearchScopes,DefaultScope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..\SearchScopes\{4BEFFE0F-BA43-4CB0-8120-31EAB77DC573}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..\SearchScopes\{E65EF2A5-5D91-47F8-99AF-8A98541F9FA3}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7WZPC_de
IE - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.4238
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/23 19:56:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/09 10:59:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/09 10:58:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/12/23 15:26:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/09 10:59:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/09 10:58:57 | 000,000,000 | ---D | M]
[2010/12/14 18:22:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steffi Maaßen\AppData\Roaming\mozilla\Extensions
[2010/12/14 18:22:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steffi Maaßen\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2012/10/23 19:13:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steffi Maaßen\AppData\Roaming\mozilla\Firefox\Profiles\dlpwjelg.default\extensions
[2011/04/26 18:06:36 | 000,002,449 | ---- | M] () -- C:\Users\Steffi Maaßen\AppData\Roaming\mozilla\firefox\profiles\dlpwjelg.default\searchplugins\safesearch.xml
[2013/03/09 10:58:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/09 10:58:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/03/09 10:59:01 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/02/24 13:35:20 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/02/24 13:35:20 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/02/24 13:35:20 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013/02/24 13:35:20 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/02/24 13:35:20 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/02/24 13:35:20 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.babylon.com/?q={searchTerms}&tt=010412_crm&babsrc=SP_crm
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://search.babylon.com/?affID=110195&tt=270912_nocpc_3912_2&babsrc=HP_ss&mntrId=5e8a60090000000000000026c71c0e3b
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Steffi Maa\u00DFen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.3.7_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: D'Fusion @Home Web Plug-In (3.10.17859) (Enabled) = C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - Extension: Norton Identity Protection = C:\Users\Steffi Maaßen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.11.8_0\
O1 HOSTS File: ([2013/03/27 12:54:34 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe (Hewlett-Packard Company, L.P.)
O4 - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-1128291690-297645493-3885562247-1002..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\__avast! sandbox\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O15 - HKU\S-1-5-21-1128291690-297645493-3885562247-1002\..Trusted Ranges: Range2 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.7.0_09)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B1192F0-6900-4F7F-83F0-AC5C5EC4ABCA}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB00B81A-F251-4F01-A5C8-BFFFCB547EEA}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2A7F3C7-9329-4EDD-A901-CAB96226C7D8}: DhcpNameServer = 192.168.1.250
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-18 Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-19 Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-20 Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/27 18:56:30 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/03/27 18:55:59 | 000,000,000 | ---D | C] -- C:\JRT
[2013/03/27 12:54:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/03/27 12:51:59 | 000,000,000 | ---D | C] -- C:\Users\Steffi Maaßen\AppData\Local\temp
[2013/03/27 12:30:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/03/27 12:30:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/03/27 12:30:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/03/27 12:29:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/03/27 12:29:22 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/03/26 17:18:24 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usb8023.sys
[2013/03/25 19:49:09 | 000,000,000 | ---D | C] -- C:\Users\Steffi Maaßen\Desktop\mbar
[2013/03/24 18:46:21 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013/03/24 18:46:21 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013/03/24 09:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/24 09:55:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/03/23 19:39:24 | 000,368,176 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2013/03/23 19:39:24 | 000,029,816 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2013/03/23 19:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2013/03/23 19:39:23 | 000,101,656 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFW.sys
[2013/03/23 19:38:55 | 000,199,384 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswNdis2.sys
[2013/03/23 19:38:54 | 000,062,376 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2013/03/23 19:38:54 | 000,060,656 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr2.sys
[2013/03/23 19:38:54 | 000,021,576 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswKbd.sys
[2013/03/23 19:38:53 | 000,765,736 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2013/03/23 19:38:53 | 000,066,336 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2013/03/23 19:38:10 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\windows\System32\drivers\aswNdis.sys
[2013/03/23 19:38:08 | 000,041,664 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013/03/23 19:38:07 | 000,228,600 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2013/03/23 19:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/03/23 19:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/03/18 19:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Haufe
[2013/03/13 12:22:48 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/03/13 12:22:47 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013/03/13 12:22:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/03/13 12:22:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2013/03/13 12:22:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/03/13 12:22:46 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/03/13 12:22:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2013/03/13 12:22:45 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2013/03/09 10:58:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/03/01 14:46:15 | 000,000,000 | ---D | C] -- C:\Users\Steffi Maaßen\Desktop\CT
[2013/02/27 18:38:45 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\UIAnimation.dll
[2013/02/27 18:38:39 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMPhoto.dll
[2013/02/27 18:38:37 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll
[2013/02/27 18:38:37 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2013/02/27 18:38:37 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 18:38:37 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 18:38:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 18:38:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 18:38:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 18:38:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 18:38:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 18:38:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 18:38:37 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 18:38:36 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll
[2013/02/27 18:38:36 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msmpeg2vdec.dll
[2013/02/27 18:38:36 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d11.dll
[2013/02/27 18:38:36 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2013/02/27 18:38:36 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll
[2013/02/27 18:38:36 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10.dll
[2013/02/27 18:38:36 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll
[2013/02/27 18:38:36 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxgi.dll
[2013/02/27 18:38:36 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll
[2013/02/27 18:38:36 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10core.dll
[2013/02/27 18:38:36 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WindowsCodecsExt.dll
[2013/02/27 18:38:36 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll
[2013/02/27 18:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/02/26 14:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/02/26 14:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/02/26 14:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/02/26 14:39:30 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
========== Files - Modified Within 30 Days ==========
[2013/03/27 19:12:11 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/27 18:56:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/03/27 17:53:30 | 000,020,720 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/27 17:53:30 | 000,020,720 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/27 17:52:10 | 000,654,400 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013/03/27 17:52:10 | 000,616,242 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/03/27 17:52:10 | 000,130,240 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013/03/27 17:52:10 | 000,106,622 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/03/27 17:46:17 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/27 17:45:24 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/03/27 17:45:16 | 2357,620,736 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/27 12:54:34 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013/03/26 16:42:02 | 000,000,352 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForSteffi Maaßen.job
[2013/03/24 18:46:21 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013/03/24 18:46:21 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013/03/23 19:56:40 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2013/03/23 19:39:24 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013/03/23 19:00:02 | 123,534,648 | ---- | M] () -- C:\avast_internet_security_setup.exe
[2013/03/23 10:32:05 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/03/18 20:14:33 | 000,002,239 | ---- | M] () -- C:\Users\Public\Desktop\Haufe Steuer Office aufrufen.lnk
[2013/03/18 19:49:56 | 000,002,863 | ---- | M] () -- C:\Users\Public\Desktop\Haufe Formular-Manager.lnk
[2013/03/15 15:16:08 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2013/03/07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2013/03/07 00:33:24 | 000,164,736 | ---- | M] () -- C:\windows\System32\drivers\aswVmm.sys
[2013/03/07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2013/03/07 00:33:24 | 000,049,248 | ---- | M] () -- C:\windows\System32\drivers\aswRvrt.sys
[2013/03/07 00:33:23 | 000,199,384 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswNdis2.sys
[2013/03/07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2013/03/07 00:33:23 | 000,060,656 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr2.sys
[2013/03/07 00:33:22 | 000,101,656 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFW.sys
[2013/03/07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2013/03/07 00:33:22 | 000,021,576 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswKbd.sys
[2013/03/07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2013/03/07 00:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2013/02/28 18:14:40 | 000,480,968 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/02/27 18:18:24 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/02/26 14:40:25 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
========== Files Created - No Company Name ==========
[2013/03/27 12:30:17 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/03/27 12:30:17 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/03/27 12:30:17 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/03/27 12:30:17 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/03/27 12:30:17 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/03/24 18:46:22 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/03/23 19:56:41 | 000,164,736 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys
[2013/03/23 19:56:40 | 000,049,248 | ---- | C] () -- C:\windows\System32\drivers\aswRvrt.sys
[2013/03/23 19:39:24 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013/03/23 19:00:00 | 123,534,648 | ---- | C] () -- C:\avast_internet_security_setup.exe
[2013/03/18 20:14:33 | 000,002,239 | ---- | C] () -- C:\Users\Public\Desktop\Haufe Steuer Office aufrufen.lnk
[2013/03/18 19:49:56 | 000,002,863 | ---- | C] () -- C:\Users\Public\Desktop\Haufe Formular-Manager.lnk
[2013/03/04 18:15:33 | 000,000,352 | ---- | C] () -- C:\windows\tasks\HPCeeScheduleForSteffi Maaßen.job
[2013/02/27 18:26:04 | 000,001,020 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013/02/27 18:26:04 | 000,001,008 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/02/27 18:18:24 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/02/26 14:40:25 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/11/04 11:39:42 | 000,000,062 | ---- | C] () -- C:\Users\Steffi Maaßen\AppData\Roaming\mbam.context.scan
[2012/05/15 18:57:39 | 000,000,501 | ---- | C] () -- C:\windows\ODBC.INI
[2012/04/26 20:35:25 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012/02/27 09:41:52 | 000,202,240 | ---- | C] () -- C:\windows\System32\LXPrnUtil10.dll
[2012/02/27 09:40:44 | 000,304,128 | ---- | C] () -- C:\windows\System32\LxDNT100.dll
[2012/02/27 09:38:36 | 000,133,120 | ---- | C] () -- C:\windows\System32\LxDNTvmc100.dll
[2012/02/27 09:38:18 | 000,069,120 | ---- | C] () -- C:\windows\System32\LxDNTvm100.dll
[2012/02/19 10:52:25 | 000,000,046 | ---- | C] () -- C:\windows\hmview.ini
[2011/12/15 15:15:12 | 000,007,666 | ---- | C] () -- C:\Users\Steffi Maaßen\AppData\Roaming\.freeciv-client-rc-2.3
[2011/11/06 18:56:35 | 000,000,335 | ---- | C] () -- C:\windows\nsreg.dat
[2011/07/08 18:59:17 | 000,688,128 | ---- | C] () -- C:\windows\System32\libeay32.dll
[2011/07/08 18:59:17 | 000,155,648 | ---- | C] () -- C:\windows\System32\ssleay32.dll
[2011/05/27 16:15:56 | 070,509,774 | ---- | C] () -- C:\Users\Steffi Maaßen\catalogo2010.pdf
[2011/05/19 20:23:20 | 000,066,048 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
[2011/05/19 08:50:58 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPPassFilter.dll.hpsign
[2011/05/19 08:50:58 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPCrProv.dll.hpsign
[2011/03/20 20:39:33 | 002,287,245 | ---- | C] () -- C:\Users\Steffi Maaßen\Buchungsbestätigung Fewo Rügen.pdf
[2011/01/19 21:43:00 | 000,001,940 | ---- | C] () -- C:\Users\Steffi Maaßen\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/10/19 19:36:32 | 000,007,680 | ---- | C] () -- C:\Users\Steffi Maaßen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/19 19:07:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011/12/15 15:26:39 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\.freeciv
[2010/06/11 10:18:23 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Ahnenblatt
[2010/04/19 16:37:44 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\DigitalPersona
[2011/10/10 19:39:36 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\elsterformular
[2011/07/09 18:01:59 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\EurekaLog
[2010/11/02 17:08:03 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Haufe
[2010/12/14 18:22:37 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Haufe Mediengruppe
[2012/11/24 18:04:59 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\ICQ
[2011/11/03 15:56:34 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\IrfanView
[2012/11/01 17:51:56 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Jumping Bytes
[2012/10/10 18:24:00 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Lexware
[2012/05/14 20:19:33 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\mresreg
[2012/11/01 20:16:04 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Nokia
[2010/10/13 18:00:15 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Nokia Ovi Suite
[2012/11/01 20:23:53 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Nokia Suite
[2013/01/02 21:06:01 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\PC Suite
[2012/10/22 19:54:23 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Reiser
[2010/12/28 21:20:08 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Serif
[2012/04/14 18:06:49 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\SumatraPDF
[2012/09/20 17:47:26 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\TeamViewer
[2011/08/10 20:05:37 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Telefónica
[2012/11/12 20:54:37 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Thunderbird
[2010/09/19 19:42:49 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Tific
[2013/01/11 18:34:41 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\TS3Client
[2011/12/16 12:12:10 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\Usenet.nl
[2012/11/02 12:59:03 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\WindSolutions
[2012/04/26 11:20:29 | 000,000,000 | ---D | M] -- C:\Users\Steffi Maaßen\AppData\Roaming\XnView
[2012/11/04 14:54:09 | 000,000,000 | ---D | M] -- C:\Users\Steffi`s Laptop\AppData\Roaming\DigitalPersona
[2012/11/04 14:59:25 | 000,000,000 | ---D | M] -- C:\Users\Steffi`s Laptop\AppData\Roaming\TS3Client
========== Purity Check ==========
< End of report > --- --- ---
OTL Extra:
OTL Logfile: Code:
OTL Extras logfile created on: 3/27/2013 7:10:48 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Steffi Maaßen\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.93 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 57.90% Memory free
5.85 Gb Paging File | 4.00 Gb Available in Paging File | 68.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 280.79 Gb Total Space | 120.69 Gb Free Space | 42.98% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.47 Gb Free Space | 74.03% Space Free | Partition Type: FAT32
Computer Name: GVSSTEFFIMAAßEN | User Name: Steffi Maaßen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1128291690-297645493-3885562247-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{065F0294-8942-40F6-8E48-2B0DBBB643DC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0DF1FB25-8312-4939-8E23-0EE1BFACB8F8}" = lport=137 | protocol=17 | dir=in | app=system |
"{16AA1A12-99FF-464A-B9DB-FEAC34C3F9E1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2378674E-B64C-4055-B195-BBC75DBC1050}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{333CFC7C-FDF6-4795-B972-8FBEEF7650C0}" = rport=139 | protocol=6 | dir=out | app=system |
"{5D548F72-0411-4D1B-A9E6-A880A7787109}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{627EF6E6-7780-4FC1-A7CD-F10F5C5C577D}" = rport=138 | protocol=17 | dir=out | app=system |
"{63E12426-4B89-493E-B78F-BEC148A0612E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{6763E6AC-65AC-4764-B05E-363460D5E9AD}" = lport=445 | protocol=6 | dir=in | app=system |
"{6C52C83A-DFDD-4E43-BCAB-1DCA40367245}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{710BA40F-E5A8-405B-B108-EA316AC275D4}" = rport=445 | protocol=6 | dir=out | app=system |
"{73EA0E95-08C5-48B0-BF82-109C90158097}" = lport=138 | protocol=17 | dir=in | app=system |
"{8CF44C45-87C6-41DD-87F5-9990DC782E67}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{A1CB8782-6DDE-4866-91D3-8FF346C86080}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A46F7DCA-A1DC-412E-9B98-42E4810BBC7B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=datei- und druckerfreigabe (spoolerdienst - rpc-epmap) |
"{A62E7CF8-E223-43C8-B596-6106CE648FB0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AA5AECDA-12D7-4CA3-9DEF-B1E771887A94}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BF13E3C5-E3BB-4977-BA87-D20C7FBA3733}" = rport=137 | protocol=17 | dir=out | app=system |
"{C017EECE-8519-4597-9B9D-9336BC33A097}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{CA7108BA-CE96-42C3-9B89-0243E3702057}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CAFC0885-4ED7-41FA-9C71-6096F2B827C1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CECFBD63-10EE-4731-A5B7-ACA0785095FC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{CF8A8FA1-D920-4F9E-8CED-BEC2A1D70FBD}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0138BD7D-D930-4DCC-8323-B11350CF705E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{020D27AE-E12C-4278-806E-6ACA8A53F0B1}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{03EB9D5E-AFCA-4E57-9841-D9E4CF2CD824}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0A23F382-6D83-4953-A468-391AED823CE2}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{0EA2BA58-BEA0-4DD3-830C-10BD5BB6B297}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1320602271\ee\aolsoftware.exe |
"{106D6752-3113-492D-AA49-EA52819EE09C}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{15494796-AC76-4EFE-9BC6-022EC9C0CC2B}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{1AD827E0-12B5-48FC-9FB2-02B1D747D0CE}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{1CEE352B-B9B0-43FA-8385-20B381900FF2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1DE44C3A-D462-4794-A3C6-81929984015C}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe |
"{1E8714A6-428E-4AA7-9797-9CAF12C7C224}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{1F84759D-76D3-405E-A8DE-9D2AA9016C7A}" = protocol=58 | dir=in | name=datei- und druckerfreigabe (echoanforderung - icmpv6 eingehend) |
"{275CF15B-7BBC-4DF1-9F09-3CE8C41A762A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1320602271\ee\aolsoftware.exe |
"{289D115B-F602-4BB6-91AA-8FD3582AEF24}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{29BEA155-9A46-4BF6-84D1-65FC9440431F}" = dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"{30A2B21B-4BE6-4609-9524-8521D6E3682D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{33F6095A-5BFE-4EB6-A3E5-5A49262539D7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{3B7259CE-01BC-4144-93EF-EB990BE30B21}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe |
"{3BCC5F43-E113-4880-A97C-47C6F3287345}" = protocol=1 | dir=in | name=datei- und druckerfreigabe (echoanforderung - icmpv4 eingehend) |
"{3D3FE86C-1204-4BB1-A2DA-E62D7731EBA4}" = protocol=17 | dir=in | app=c:\program files\sybase\sql anywhere 9\win32\dbsrv9.exe |
"{44C76DE1-E509-4A80-BC5F-11739F31597E}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{51AECCE7-5C23-4CE0-A751-35E3873B964A}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{5EBFB1D5-71DF-4C48-9074-EF349115B87D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5FA0234B-FA58-4CFF-9C6A-F49C8A3DA649}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{60DD832A-E073-4BBB-9D48-4C9F0366EF03}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{655C86BB-E277-44FF-B442-8863E0ADDC9A}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{6BE2AC02-541B-4758-8537-5C2280BF7DCF}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{74760DC9-2203-4741-A237-DC7917D8D927}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7BE2BD80-4581-4B2D-A58F-D53418DAB891}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{7CD3A963-9CA7-4A16-939C-32B40F72A7DC}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{7E0651ED-CC25-4B8E-9554-4952CC56863E}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{89DE36E1-30F8-473E-898B-BE071C84E439}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8BFDAAB4-3F83-4914-A895-1BB904B0FA51}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8C95737E-61DA-47B7-934E-A0218D00DBB8}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{8D50761D-D460-4026-8A19-1F10B49EA223}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{989A500A-6D31-4414-8C0E-6AC22F8B1318}" = protocol=6 | dir=in | app=c:\program files\sybase\sql anywhere 9\win32\dbsrv9.exe |
"{994735FF-4B79-438B-BFB2-C0BAC4B18B41}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9B37FE67-2387-4D99-8609-3E170A26CA2E}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{9B695A9A-F01E-4042-A797-DDB55DDBD41B}" = protocol=58 | dir=out | name=datei- und druckerfreigabe (echoanforderung - icmpv6 ausgehend) |
"{9BEE31C8-6492-49B1-B8F7-8A7BD9DB4D13}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe |
"{9D823BB9-D575-46BC-9587-2A0C3EB33A5B}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{9E9917E3-7958-4E70-847A-608906DA6914}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9EE183B6-0F32-48D8-921B-83916D45500C}" = dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"{A499E1C7-48D4-4FAB-8C2D-AEC1A2931663}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{AC9531A4-D64B-4D76-976D-B06F3003EC42}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{B197DEDF-A8A5-4D5D-8F03-039D414579E9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BDDA21CB-53FA-4972-996C-B9C1B0FB4BC2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE2256B0-B926-40A2-9043-04CCAC86F9AA}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{BF82175C-D03D-43BE-AFC2-7995B4E52D0B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C68D52C7-CF65-48B6-B326-64C85F69DE2D}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{C9EE51BB-46AE-419E-A4CF-B76DD071D20A}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{CD5C9BFB-17BE-414F-9049-DF6738CDEB44}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{CF1ABF62-EE69-45C9-AEFF-67E05CDAE65D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{D1C86D32-7D80-49D2-A971-E654F3C23E43}" = protocol=6 | dir=out | app=system |
"{D6290DB5-66F9-4362-A92A-2EB387731AE6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DB816D89-4FE3-4E3B-9322-DAA3A874C185}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{DBC95B44-A714-4EEA-81DF-FB16F0C42AF9}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe |
"{DCB488D3-4E16-4853-9D3A-71FD3C192FB1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E623DE33-CC4E-4B9C-84E3-BFBF9B70465A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{E794ED9B-4EBE-40B6-B899-CD86280DBFA9}" = dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"{E9816B40-FD0C-4DE6-99D6-E43557699F53}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{EA6B450D-FAE7-40E8-857B-C42A8B7853BB}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe |
"{F1498B64-77B7-4D02-AB5C-049B88DC8468}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{FA9F35AE-C089-43FD-ACD2-6BFD78F13FDE}" = protocol=1 | dir=out | name=datei- und druckerfreigabe (echoanforderung - icmpv4 ausgehend) |
"{FD8D4F3A-61F5-4BEF-8290-BF2F90B39344}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002C9FA8-ED6A-4B44-883A-29A5EEE3A7F6}" = Lexware financial office pro 2012
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{051F9CB0-1499-4A0E-A861-CB19A5AAA906}" = NetObjects Fusion 12.0
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0906982B-A432-4C06-8F01-C01BE1143779}" = Nokia Connectivity Cable Driver
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{10A11115-4EFC-4E86-BFC1-D53A478556A1}" = HP User Guides 0142
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series" = Canon MX870 series MP Drivers
"{1BE8806A-84F8-4655-A381-0D5524430944}" = ActivClient x86
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1E6219D4-027E-47EE-AB83-DD2F26E31A32}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{20E08DBB-9708-45E6-B4CD-3526ABC5BC6E}" = Zeugnis-Generator 10.0
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{32737B70-A271-4AE8-8631-6CBF6B697D45}" = SKAN
"{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"{33EBF075-8593-4698-BDAF-CF8DED80BB5B}" = Nokia Suite
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3513DD3C-7680-4C7C-BF18-BA375D5F4132}" = Pre-Boot Security for HP ProtectTools
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{58215966-9BA6-485D-B8DA-4AE31150B92E}" = HP Common Access Service Library
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{5C9AA073-814D-4EB3-BE9C-4C1BACBC974C}" = Haufe Formular-Manager
"{64893BC9-D912-4A2D-A47A-E38650112781}" = Serif PanoramaPlus 3
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B54B1AE-EBCA-48BE-92AF-61D02118F093}" = Lexware online banking
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7239A06F-235B-43B1-970D-7A411FD95683}" = Nokia Software Updater
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78365FC6-09CA-4AC3-BC01-70FB46596047}" = Validity Fingerprint Driver
"{7861911B-4270-498A-8F7A-FCF0570F48E3}" = HP QuickWeb
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}" = Marketsplash Schnellzugriffe
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}" = HP Officejet Pro 8500 A910 Hilfe
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95EFD16D-3A38-4E7A-901A-24A92399547C}" = Lexware Elster
"{98BCAD50-58AE-4EDD-9BBA-388B221E750B}" = Privacy Manager for HP ProtectTools
"{991A4895-3346-4980-990F-A1041B73C6F7}" = HP 3D DriveGuard
"{99CBA603-937D-4058-806F-7A9AF711A1AA}" = Eumex RNDIS Driver V1.00
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{9EA86AD9-FB32-4B9E-BD56-3068F9B8031F}" = HP Wireless Assistant
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABCB696E-2494-48FC-826D-0666CEE460DB}" = Drive Encryption for HP ProtectTools
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B962E962-6369-4F66-AF35-79CB39270D12}" = NetObjects Fusion 12.0
"{BA3EECE9-86A8-44B2-B655-CB3FCFE7EDF3}" = Haufe iDesk-Service
"{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}" = PC Connectivity Solution
"{BAEE9CD5-A680-43A2-A5FA-6F700C5AD45A}" = HP QuickLook
"{BB3085D5-7D88-4AF2-B08E-226E26E2A169}" = Haufe iDesk-Browser
"{BB5C44BC-1ADA-4BB3-B054-4514CF582009}" = NetObjects Fusion 12.0
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE3AD89B-F9B2-4E22-8FAB-BCF63190ABCD}" = HP ProtectTools Security Manager
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{C8439116-685C-4B25-B294-14F1C7BC4A68}" = Haufe Steuer Office
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{D5024462-1E13-4D83-B480-D586CCF0371B}" = Serif AlbumPlus SE PRO
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E2E25F53-EB64-4BC1-8A9E-B970BBEF8C1C}" = HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E546139F-B099-4a36-BCC2-AC7D68CA9383}" = Lexware financial office pro 2012
"{E8972F40-874D-4FA6-A6F4-52A8C99D8DDA}" = Serif PhotoPlus X3
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4477CC0-7293-414A-93BC-20EE897A80F0}" = Java Card Security for HP ProtectTools
"{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7823B8F-05D0-457B-8F61-CA98ABE21D2D}" = HP Power Assistant
"{F8DD059A-FDA6-403A-81FC-51E522158683}" = Marketsplash Drucksoftware
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FACE9D51-E374-4DDB-857C-816FCB1D6B40}" = Eumex 800 V1.30
"{FD8234FF-A70D-4632-B146-F41AB37C0B24}" = HP Business Card Reader
"{FDC5E0B1-2739-48A1-8027-F76F2E68AC84}" = Lexware professional Datenbank 2012
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFBDA363-A033-4F32-8DE0-AEF0F105410E}" = HP ESU for Microsoft Windows 7
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"7-Zip" = 7-Zip 9.20
"A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ahnenblatt_is1" = Ahnenblatt 2.62
"Alice" = Alice-Installationsdateien entfernen
"AOL Deinstallation" = AOL Deinstallation
"avast" = avast! Internet Security
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"B7541EC5F72AA713F557569278EB6273725F5607" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"CCleaner" = CCleaner
"Drive Encryption" = Drive Encryption for HP ProtectTools
"ElsterFormular 13.0.0.8086k" = ElsterFormular
"ElsterFormular 2008 - 2009 2008-2009" = ElsterFormular 2008 - 2009
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HPProtectTools" = HP ProtectTools Security Manager
"InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"InstallShield_{FACE9D51-E374-4DDB-857C-816FCB1D6B40}" = Eumex 800 V1.30
"John Deere North American Farmer_is1" = John Deere North American Farmer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"Mozilla Thunderbird 16.0.2 (x86 de)" = Mozilla Thunderbird 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Nokia Suite" = Nokia Suite
"PDF Complete" = PDF Complete Special Edition
"Secunia PSI" = Secunia PSI (3.0.0.4001)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 8" = TeamViewer 8
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1128291690-297645493-3885562247-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FoxTab PDF Reader" = FoxTab PDF Reader
========== Last 20 Event Log Errors ==========
[ Hewlett-Packard Events ]
Error - 4/23/2012 1:03:13 PM | Computer Name = GVSSteffiMaaßen | Source = HPSF.exe | ID = 4000
Description =
Error - 6/4/2012 1:20:53 PM | Computer Name = GVSSteffiMaaßen | Source = HPSF.exe | ID = 4000
Description =
Error - 7/2/2012 10:06:29 AM | Computer Name = GVSSteffiMaaßen | Source = HPSF.exe | ID = 4000
Description =
Error - 9/10/2012 10:26:16 AM | Computer Name = GVSSteffiMaaßen | Source = HPSF.exe | ID = 4000
Description =
Error - 9/10/2012 10:26:37 AM | Computer Name = GVSSteffiMaaßen | Source = HPSF.exe | ID = 4000
Description =
Error - 9/17/2012 11:23:30 AM | Computer Name = GVSSteffiMaaßen | Source = HPSF.exe | ID = 4000
Description =
Error - 9/24/2012 11:02:55 AM | Computer Name = GVSSteffiMaaßen | Source = HPSF.exe | ID = 4000
Description =
Error - 10/8/2012 11:08:37 AM | Computer Name = GVSSteffiMaaßen | Source = HPSF.exe | ID = 4000
Description =
Error - 11/13/2012 3:35:15 AM | Computer Name = GVSSteffiMaaßen | Source = HPSF.exe | ID = 4000
Description =
Error - 11/13/2012 3:29:27 PM | Computer Name = GVSSteffiMaaßen | Source = HPSF.exe | ID = 4000
Description =
[ HP Power Assistant Events ]
Error - 12/4/2012 5:04:45 PM | Computer Name = GVSSteffiMaaßen | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]
Error - 12/29/2012 9:12:20 AM | Computer Name = GVSSteffiMaaßen | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]
Error - 1/1/2013 8:17:57 AM | Computer Name = GVSSteffiMaaßen | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]
Error - 1/5/2013 8:37:11 AM | Computer Name = GVSSteffiMaaßen | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]
Error - 1/11/2013 1:06:30 PM | Computer Name = GVSSteffiMaaßen | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]
Error - 1/13/2013 6:38:20 AM | Computer Name = GVSSteffiMaaßen | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]
Error - 1/21/2013 12:52:14 PM | Computer Name = GVSSteffiMaaßen | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]
Error - 2/20/2013 12:54:16 PM | Computer Name = GVSSteffiMaaßen | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]
Error - 2/24/2013 1:54:59 PM | Computer Name = GVSSteffiMaaßen | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]
Error - 2/25/2013 11:28:11 AM | Computer Name = GVSSteffiMaaßen | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]
[ HP Wireless Assistant Events ]
Error - 11/12/2010 12:52:54 PM | Computer Name = GVSSteffiMaaßen | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 11/12/2010 12:52:54 PM | Computer Name = GVSSteffiMaaßen | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 11/13/2010 11:52:42 AM | Computer Name = GVSSteffiMaaßen | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 11/13/2010 11:52:42 AM | Computer Name = GVSSteffiMaaßen | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Nicht unterstützt bei System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
bei HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 6/22/2011 2:08:46 PM | Computer Name = GVSSteffiMaaßen | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Aufruf wurde durch Messagefilter
abgebrochen. (Ausnahme von HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
System.Management.ManagementBaseObject.get_Item(String propertyName) bei HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 9/10/2011 7:09:06 AM | Computer Name = GVSSteffiMaaßen | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
bei HardwareAccess.Hardware.Instance() bei PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme
powerScheme)
Error - 12/27/2011 7:49:45 AM | Computer Name = GVSSteffiMaaßen | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
bei HardwareAccess.Hardware.Instance() bei PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme
powerScheme)
Error - 5/14/2012 6:33:25 AM | Computer Name = GVSSteffiMaaßen | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
bei HardwareAccess.Hardware.Instance() bei PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme
powerScheme)
Error - 6/2/2012 12:44:39 PM | Computer Name = GVSSteffiMaaßen | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Aufruf wurde durch Messagefilter
abgebrochen. (Ausnahme von HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObjectSearcher.Initialize()
bei System.Management.ManagementObjectSearcher.Get() bei HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) bei HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
radio) bei System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() bei
System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() bei HPPA_Service.CurrentConfiguration.ApplyFriendlyNames()
bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
Error - 9/29/2012 1:10:50 PM | Computer Name = GVSSteffiMaaßen | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
bei HardwareAccess.Hardware.Instance() bei PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme
powerScheme)
[ OSession Events ]
Error - 12/24/2010 11:08:52 AM | Computer Name = GVSSteffiMaaßen | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5446
seconds with 240 seconds of active time. This session ended with a crash.
Error - 7/29/2012 5:20:33 AM | Computer Name = GVSSteffiMaaßen | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 202
seconds with 180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 3/27/2013 2:05:20 PM | Computer Name = GVSSteffiMaaßen | Source = PNRPSvc | ID = 102
Description =
Error - 3/27/2013 2:05:20 PM | Computer Name = GVSSteffiMaaßen | Source = PNRPSvc | ID = 102
Description =
Error - 3/27/2013 2:05:20 PM | Computer Name = GVSSteffiMaaßen | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 3/27/2013 2:05:20 PM | Computer Name = GVSSteffiMaaßen | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 3/27/2013 2:05:20 PM | Computer Name = GVSSteffiMaaßen | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 3/27/2013 2:05:20 PM | Computer Name = GVSSteffiMaaßen | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 3/27/2013 2:06:07 PM | Computer Name = GVSSteffiMaaßen | Source = PNRPSvc | ID = 102
Description =
Error - 3/27/2013 2:06:07 PM | Computer Name = GVSSteffiMaaßen | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 3/27/2013 2:06:07 PM | Computer Name = GVSSteffiMaaßen | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
< End of report > --- --- ---
LG Kirsche0815 |