| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojaner? BKA? Aber alles funktioniert? Fehlermeldung in C:/users?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
05.08.2012, 13:00
| #3 |
 |  Trojaner? BKA? Aber alles funktioniert? Fehlermeldung in C:/users? Hallo t'john!!
__________________Ich danke dir so sehr dass du mir hilfst, das ist total lieb!! Also ich hab alles gemacht, hier ist das was bei malware rauskam: Malwarebytes Anti-Malware (Test) 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.08.05.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Janine :: JANINE-PC [Administrator] Schutz: Aktiviert 05.08.2012 10:24:36 mbam-log-2012-08-05 (13-15-26).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 377797 Laufzeit: 2 Stunde(n), 16 Minute(n), 7 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Keine Aktion durchgeführt. (Ende) --> Ich hab dann auf entfernen geklickt und hoffe mal es ist nun gelöscht. Dann bei OTL das eine OTL.txt:OTL Logfile: Code:
ATTFilter OTL logfile created on: 05.08.2012 13:19:30 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Janine\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,75 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 53,29% Memory free 3,49 Gb Paging File | 2,07 Gb Available in Paging File | 59,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 136,95 Gb Total Space | 47,39 Gb Free Space | 34,61% Space Free | Partition Type: NTFS Drive E: | 931,51 Gb Total Space | 601,96 Gb Free Space | 64,62% Space Free | Partition Type: NTFS Drive F: | 483,56 Mb Total Space | 342,13 Mb Free Space | 70,75% Space Free | Partition Type: FAT Computer Name: JANINE-PC | User Name: Janine | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Janine\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\iWin Games\iWinTrusted.exe (iWin Inc.) PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Programme\eMachines\eMachines Updater\UpdaterService.exe (Acer) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (iWinTrusted) -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe (iWin Inc.) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (Boonty Games) -- C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ePowerSvc) -- C:\Programme\eMachines\eMachines Power Management\ePowerSvc.exe (Acer Incorporated) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (Greg_Service) -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe (Acer Incorporated) SRV - (Updater Service) -- C:\Programme\eMachines\eMachines Updater\UpdaterService.exe (Acer) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation) DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (DKbFltr) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys (Dritek System Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=e627&r=273602100505l0384z1k5r4852351n IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=e627&r=273602100505l0384z1k5r4852351n IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=e627&r=273602100505l0384z1k5r4852351n IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=e627&r=273602100505l0384z1k5r4852351n IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1200776420-1261404832-3851839743-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=e627&r=273602100505l0384z1k5r4852351n IE - HKU\S-1-5-21-1200776420-1261404832-3851839743-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1286296952&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fby131w.bay131.mail.live.com%2Fdefault.aspx%3Fwa%3Dwsignin1.0&lc=1031&id=64855&mkt=de-de IE - HKU\S-1-5-21-1200776420-1261404832-3851839743-1001\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-1200776420-1261404832-3851839743-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-1200776420-1261404832-3851839743-1001\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKU\S-1-5-21-1200776420-1261404832-3851839743-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1200776420-1261404832-3851839743-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_deDE365DE365 IE - HKU\S-1-5-21-1200776420-1261404832-3851839743-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-1200776420-1261404832-3851839743-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=e627&r=273602100505l0384z1k5r4852351n" FF - prefs.js..extensions.enabledItems: {98e34367-8df7-42b4-837b-20b892ff0849}:1.7 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{98e34367-8df7-42b4-837b-20b892ff0849}: C:\ProgramData\iWin Games\firefox [2010.04.13 19:25:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.07.17 18:22:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 09:48:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.03 21:26:01 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.07.17 18:22:30 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 09:48:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.03 21:26:01 | 000,000,000 | ---D | M] [2010.02.09 20:37:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janine\AppData\Roaming\mozilla\Extensions [2012.05.03 16:27:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janine\AppData\Roaming\mozilla\Firefox\Profiles\owdk3ycl.default\extensions [2012.01.03 10:16:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.07.18 09:48:41 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012.01.03 10:16:14 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.01.03 10:16:14 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.01.03 10:16:14 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.01.03 10:16:14 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.03 10:16:14 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.03 10:16:14 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll (iWin Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKU\S-1-5-21-1200776420-1261404832-3851839743-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1200776420-1261404832-3851839743-1001..\Run: [ICQ] C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ICQ Away Reader.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{210A6D85-5C15-4AFC-9E10-EA3813A64404}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E807CD5E-96A6-46FF-875A-195D75B29AE8}: DhcpNameServer = 217.0.43.193 217.0.43.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.08.05 13:16:59 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Janine\Desktop\OTL.exe [2012.08.05 10:22:19 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Roaming\Malwarebytes [2012.08.05 10:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.08.05 10:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.08.05 10:21:58 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.08.05 10:21:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.08.05 10:08:55 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{3F90A785-870B-4EA8-B972-F3743A59DE7E} [2012.08.05 10:08:04 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{DAEB1A17-6DB7-49E7-A868-7647B104689B} [2012.08.04 09:42:39 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{4B8001C1-3911-45D1-8D38-7C62D1EA132C} [2012.08.04 09:40:59 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{857610D0-0295-4EF9-8FC1-0923EA79BBCF} [2012.08.03 21:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle [2012.08.03 21:26:01 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.08.03 21:25:14 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.08.03 21:25:14 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.08.03 10:33:46 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{B44DB4E5-9A0D-4965-946E-303DBF9AD159} [2012.08.03 10:32:07 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{3A15155F-1771-43F2-A9DC-B0229B6F0454} [2012.08.02 10:04:42 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{ED8EAFDF-7C03-49E4-82EF-7C2700C0B63A} [2012.08.02 10:04:00 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{8FA92618-8FCF-43C1-B979-1269D7B44E7A} [2012.08.01 07:10:18 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{02FB83EF-75B2-4712-8AC7-3443B2CC1495} [2012.08.01 07:09:37 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{8F16CD1E-EE06-42BE-811C-D16761BD49B6} [2012.07.31 10:45:26 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{469CB869-320B-4C78-8D07-1962DAF28F11} [2012.07.31 10:44:21 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{EA6DF65E-871D-4112-9154-76724700B194} [2012.07.30 09:31:46 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{8D201A04-198A-4A66-9A84-759E3BC64500} [2012.07.30 09:28:21 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{11DD3859-C14D-42F5-9E57-EB49265413EE} [2012.07.29 18:56:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AztecTribeNewLand [2012.07.29 11:07:30 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{CF12846B-A711-492A-96ED-186C86CE9B2F} [2012.07.28 10:34:42 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{B5771AFF-728E-4014-AE57-1AE6D10FB066} [2012.07.28 10:33:25 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{A5FADCE9-D02C-4EC9-AA55-92062DE3BB1A} [2012.07.27 09:34:21 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{D6E07E9C-5DE8-4113-8DBD-1E68A10FBE77} [2012.07.27 09:34:06 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{FE593932-6967-4E49-BD4A-5482413C3E16} [2012.07.26 07:55:35 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{A90843FF-133F-4FA1-8FAF-40712AC1A207} [2012.07.25 07:43:54 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{9433B4D5-4833-49EF-80B2-6825D4FD480D} [2012.07.25 07:43:33 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{43343CD3-0798-48EF-8E9C-2AE129F6BAE7} [2012.07.24 10:06:22 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{8E56916B-53D2-4D46-A3E3-FC5EAE802258} [2012.07.24 10:06:00 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{A3043252-BF4A-4F31-BE17-06073EC6A21D} [2012.07.23 09:33:26 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{E49C6F91-D01E-426B-9B7E-F74E75235A91} [2012.07.23 09:32:33 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{D808E35E-589C-46D6-BD7B-EDD883005EDB} [2012.07.22 12:18:53 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{861E9B1B-097C-4439-9737-3EC52BE5DD91} [2012.07.22 12:18:27 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{1AF5D2B2-FC29-4DE1-9915-B03914D658F2} [2012.07.21 10:30:34 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{D4908851-E321-4017-B68A-7B8D05FD9071} [2012.07.20 09:55:49 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{CBBD0323-6685-4840-8D7B-8518DB26848C} [2012.07.19 09:20:26 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{0F2BAC01-808D-4D8E-865C-7C394C1D1BF9} [2012.07.19 09:19:51 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{E1F10CF2-5F59-4E6D-9805-A3B8E052D8EE} [2012.07.18 22:32:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2012.07.18 09:47:58 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{6760BDEC-F7EA-4F76-8607-CFCD61AB8349} [2012.07.18 09:47:12 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{F377048F-7B24-4E86-A68B-D28C219D3958} [2012.07.17 18:31:47 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\HP [2012.07.17 18:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG [2012.07.17 18:30:21 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Roaming\HP [2012.07.17 18:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion [2012.07.17 18:22:46 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Roaming\Yahoo! [2012.07.17 18:22:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo! [2012.07.17 18:20:48 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant [2012.07.17 18:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard [2012.07.17 18:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [2012.07.17 18:17:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP [2012.07.17 18:14:59 | 000,000,000 | -H-D | C] -- C:\Config.Msi [2012.07.17 18:14:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP [2012.07.17 18:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2012.07.17 18:12:58 | 000,966,656 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hposwia_p01a.dll [2012.07.17 18:12:58 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll [2012.07.17 18:12:58 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll [2012.07.17 18:12:57 | 001,411,584 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpost_p01a.dll [2012.07.17 18:12:57 | 000,512,512 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hposc_p01a.dll [2012.07.17 09:45:51 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{C683ACE3-A173-4DA9-B027-930ECFC65A61} [2012.07.17 09:45:10 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{88B6FBEA-359F-4305-B652-E2F3A89B79F3} [2012.07.16 09:28:50 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{63587FE4-E79B-47CA-9160-41C16AE297E2} [2012.07.16 09:26:59 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{F92F95DC-87E3-440A-8372-6E7D80D2AA48} [2012.07.15 09:25:06 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{DFBA4D64-16BA-4E5B-8E7F-D88F5FA6BEB9} [2012.07.15 09:24:35 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{87D03043-81CD-498A-9EBB-9E72623D537B} [2012.07.14 16:46:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012.07.14 16:46:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012.07.14 16:46:39 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.07.14 16:46:34 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.07.14 16:46:32 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012.07.14 16:34:59 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{A305C1CA-B934-4F12-A939-7DB2C4FDB807} [2012.07.14 16:34:18 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{8F134113-BFDC-44DB-BB57-EB186C95FCEC} [2012.07.10 06:40:30 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{8F8B530E-0E35-4A4F-86F8-2B1142081649} [2012.07.10 06:38:36 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{3385B0E9-D573-4C91-8F0C-E98953DC8D26} [2012.07.09 12:02:08 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{7A73B29D-C96F-4640-A654-DEAE2133728F} [2012.07.08 21:16:19 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{883EAC53-11E1-4D5D-843E-AF68569A70F1} [2012.07.08 21:15:56 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{6E41CB07-7A83-4114-9BB5-3D3AE2E14DF3} [2012.07.08 09:13:54 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{C71D3EEB-58DF-4868-B175-CB490B9640E3} [2012.07.08 09:13:06 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{5001BC4F-456E-47C6-A179-52B2E8B7A246} [2012.07.07 10:41:51 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\Macromedia [2012.07.07 10:40:37 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.07.07 10:38:30 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{FC7E52A7-1B2A-4367-8CCB-A6FD280B7622} [2012.07.07 10:37:12 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{E760076C-926F-45A8-9FBA-3C32C74D639B} [2012.07.06 14:37:19 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{CDA81F80-EB32-4E34-95B5-187E27A61CE6} [2012.07.06 14:36:51 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Local\{E83C2B6C-4A36-4FF9-90A9-C123D1C601BF} [2009.10.23 23:44:31 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.08.05 13:34:07 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.08.05 13:17:00 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Janine\Desktop\OTL.exe [2012.08.05 12:45:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.08.05 10:22:01 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.05 10:15:28 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.08.05 10:15:28 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.08.05 10:07:16 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.08.05 10:06:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.08.05 10:06:34 | 1406,177,280 | -HS- | M] () -- C:\hiberfil.sys [2012.08.03 15:45:51 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.08.03 15:45:51 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.08.01 21:26:07 | 001,512,418 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.08.01 21:26:07 | 000,659,238 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.08.01 21:26:07 | 000,620,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.08.01 21:26:07 | 000,132,776 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.08.01 21:26:07 | 000,108,566 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.29 18:52:25 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Aztec Tribe New Land.lnk [2012.07.25 23:23:58 | 004,503,728 | ---- | M] () -- C:\ProgramData\z7_0ytr.pad [2012.07.18 09:44:17 | 000,426,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.17 18:29:59 | 000,221,257 | ---- | M] () -- C:\Windows\hpoins30.dat [2012.07.17 18:20:02 | 000,002,108 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.08.05 10:22:01 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.29 18:52:25 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Aztec Tribe New Land.lnk [2012.07.25 10:36:46 | 004,503,728 | ---- | C] () -- C:\ProgramData\z7_0ytr.pad [2012.07.17 18:20:02 | 000,002,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012.07.17 18:13:39 | 000,221,257 | ---- | C] () -- C:\Windows\hpoins30.dat [2012.07.17 18:13:39 | 000,000,587 | ---- | C] () -- C:\Windows\hpomdl30.dat [2012.07.07 10:40:39 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.30 21:43:22 | 000,000,152 | ---- | C] () -- C:\Windows\Missing.ini [2011.11.20 16:35:56 | 000,012,770 | ---- | C] () -- C:\Users\Janine\AppData\Local\slot1.mm1 [2010.12.24 09:43:17 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2010.02.09 18:17:11 | 000,000,144 | ---- | C] () -- C:\Users\Janine\AppData\Roaming\wklnhst.dat ========== Alternate Data Streams ========== @Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:ABE89FFE @Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:9B52F176 @Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:C2F4E9AE @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:D9CED075 @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:8DD36B71 @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:5506D17E @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:3DB62269 @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:3DB251F0 @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:2C4CFF17 @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:FFBCBDB7 @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:AC73CDCE @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:43D7076B @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:F8C595D1 @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:9F47F32C @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:6A37FCC3 @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:CAF8DAC8 @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:8EEE3BBB @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:65621319 @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:5EBA4934 @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:013CE219 @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:E3C56885 @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:B0BD7797 @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:701B92FB @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:38FF076E @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:367F03D2 @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A95624CB @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:F2DC4B0B @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:9D74BB19 @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:94124B85 @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:86B23CB4 @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:5E3FBF9D @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:3D0C4F47 @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:E1F04E8D @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:CB5C4185 @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:751D6870 @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:73879882 @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:3AE22B1A @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:138A0A84 @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:50717788 @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:9BCFB47A @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:6A16A184 @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:56A74E89 @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:4CF61E54 @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:CBEB737E @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:24FFE96C @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:CA4FAE31 @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:898109B4 @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:BAC56E61 @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:B64798F2 @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:444C53BA @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:40464012 @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:DD95E6D9 @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:C04C48D4 @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:6ECD2470 @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:5EB551C8 @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:B6C1A5F4 @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:657AE62F @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:C602FACB @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:38849DE5 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:95C6C67C @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:39DFF372 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:27D3515D @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:F9CA48AF @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D01ACC06 @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:9D03192E @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:9B72C2B1 @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:94E8CC47 @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:47A24D4B @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:39637387 @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:F0E52E4F @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:C6CD88E9 @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:AC0528D9 @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:4A74A9A7 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:A851461E @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:831F2C78 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:3EB6E559 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:36EEEDAC @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E5A0CAF8 @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:DD9FFC08 @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D4E54A89 @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:9F2B366E @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:2BE4216C @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:51387F29 @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:9B750A13 @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:217A2A36 @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0E544CF5 @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:AB689DEA @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:5A6EA835 @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:CA99FD89 @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:AED4FFF5 @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A279C25A @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6ABA8CF1 @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:39613F68 @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:19A40E81 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:CB0FEE2B @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:755BD5CD @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:351730E8 @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:969736FD @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:0B9176C0 @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:D33169E5 @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:81AF749E @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:2702A8B3 @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:2FDFA8E2 @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:7FD199E4 @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:4D066AD2 @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:14F07CC4 @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:93DE1838 @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:6EE5C3ED @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:17927369 @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:E99D1D3C @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:35629AE6 < End of report > Und das zweite , Extras.txt:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 05.08.2012 13:19:30 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Janine\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,75 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 53,29% Memory free
3,49 Gb Paging File | 2,07 Gb Available in Paging File | 59,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 136,95 Gb Total Space | 47,39 Gb Free Space | 34,61% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 601,96 Gb Free Space | 64,62% Space Free | Partition Type: NTFS
Drive F: | 483,56 Mb Total Space | 342,13 Mb Free Space | 70,75% Space Free | Partition Type: FAT
Computer Name: JANINE-PC | User Name: Janine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033E7E4D-E3EE-43EC-BDD8-F74727990BAA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{098E4909-FD68-467E-ABA8-8BB99A48D671}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0BC5BFA6-60B1-4645-AC10-44312FB61B6B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0FEBAB4C-7548-433E-A827-871FED45AECC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14F5D32F-052C-4E5A-A7AE-822AABB840EF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D307951-9B4C-49AE-91C9-EFB04E83BD4D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1D6C6DDE-53B4-4351-9119-04DCA6FC697F}" = lport=137 | protocol=17 | dir=in | app=system |
"{26C35844-FA36-475F-97F3-D9E86EBA6708}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F197DBB-3298-4EC6-B50D-9FC1B8355B71}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{36332713-4803-4F80-A43F-84C7EC135C20}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{373DF0DC-A88E-4361-AE0A-A45BED435C50}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3940A17D-DD74-4E67-A7A7-4DC5B58DD1C3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{462B9D2E-8083-4773-B61B-887C93D23857}" = lport=139 | protocol=6 | dir=in | app=system |
"{4C0E8124-C00A-4929-A941-090722258EBC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{557F1E8A-D510-49A2-9A2F-601A69AB4FDD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{560374AA-12CE-468D-9111-BD0EFAC8B632}" = rport=2869 | protocol=6 | dir=out | app=system |
"{598BBD37-92C0-45AD-AF89-ACDD70D362B7}" = lport=445 | protocol=6 | dir=in | app=system |
"{5D5F2999-A7A5-4180-A0CE-DCE497824F8D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5E617792-3023-4013-8257-23EF7EF73EAA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{607D927F-1A15-403A-9967-5A459C36A943}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{69669309-D111-4C9E-83A8-301EC7E44766}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6A22F30B-8A9B-4E5E-825E-1421B88C001C}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6AC36E0D-5660-4750-94B8-EC4368A9FE10}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6E747C1C-20F1-4BCC-9AE7-9FF27C8CADDE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{711C543B-BEDD-45A5-BF4A-1D1D20C3DA8B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{732BE68D-943E-437D-B50F-DDF8777E7D4E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7CB71F98-150A-4D3A-9B82-5F90B156B6BC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{82563217-6721-49AC-BFB4-E3265B3B89C1}" = lport=138 | protocol=17 | dir=in | app=system |
"{84676E06-B7B5-41AE-BBB5-730206A95942}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{84AFC8C3-CDD2-4680-AAB9-7DDA0E019D03}" = lport=2869 | protocol=6 | dir=in | app=system |
"{95F22231-B2A2-4E89-9DC7-27DE518C4E5F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{981EFB9A-CE3E-465C-9CBC-0DA180587D3C}" = rport=137 | protocol=17 | dir=out | app=system |
"{9A0A5A6D-E4A2-4003-AA79-DF87193085AB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9B238D90-A55E-4C37-8E6D-1BF9C99B72BA}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A95A9EF1-827B-4596-AFF3-229CB4B3A04A}" = rport=139 | protocol=6 | dir=out | app=system |
"{AEF080EC-3007-498A-A450-183BF4D4F7ED}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{B052DB42-CE06-47AF-8E47-002F0057FE92}" = rport=138 | protocol=17 | dir=out | app=system |
"{B1EB5E17-FD04-496D-997A-3CE7AD7C0A99}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B8EF8535-B2D6-4AF5-8AEE-6C34A8D03671}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{BA1C67D3-1CDB-45EE-A53E-ACA1CD70F492}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D62A3EBC-655C-4627-8632-40B6E83F387F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D918735C-712B-4F3C-9478-945352CE8A26}" = rport=445 | protocol=6 | dir=out | app=system |
"{EE4BC7AD-DDCD-447E-AA79-97F6470F7C1C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F08E644C-4DAD-480C-B30E-E53457629C4D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F33D01B0-BA03-4860-A3E1-88FB3BB8A1EB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06DD4281-B5F2-49E6-BA0A-D1EE8B628FAA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{07094C2D-2B32-45BE-8E76-E0540473CAE0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0E9705ED-9006-47E8-95EC-4CC27E19786F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{12983D4C-950C-486F-B91F-7478486A0DD3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{156CF187-78A3-4AF9-BCF1-681FAA35BBF7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{15B88438-32D3-4E31-A219-883D1FFFB8AF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{16D6E763-FF9F-4C25-BE2B-9684448730D4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{16EBAEE3-A57F-4DED-9CEB-88F1B3425E47}" = protocol=17 | dir=in | app=c:\program files (x86)\iwin games\iwingames.exe |
"{1CD37C2C-ADFC-4A6A-A01B-CFDB73FA4DF8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{1E14D63A-D431-43A4-9A91-D233164C1D06}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1EAAB755-7EB5-487C-8479-6B39C6D00DAC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{1F49B054-3A12-4391-863D-55D3658E82F7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{20331ACA-A1ED-4F21-90E0-937E574753F8}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{20948457-A479-4C87-A848-EFF8EF4669DB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{22ED0072-82F4-4BF0-8623-90B5AEE0414D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{2B0FB30E-3B2C-41E7-94A7-602896178124}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2E134C30-4F1E-4170-B912-205D7EC9AAE5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{31BCFED0-3C23-4155-A082-1921F651FCC1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{32DADA69-D900-4537-8A2A-5031FA7EF931}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{37E5F1E4-1C85-4D0E-8688-89EB7B4BE315}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{386DFE07-1F28-4FB8-B064-E5297E117245}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{44154568-450F-49B2-918E-0BDD298020BE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{44AE17EB-5E67-44E5-B121-89ADA590D32F}" = protocol=17 | dir=in | app=c:\program files (x86)\iwin games\webupdater.exe |
"{4548105B-637C-4245-8361-0ED03267A5FA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{46992107-B1FA-4946-A694-B04FADB1F58A}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{49E755B9-803B-4CCD-B0F0-C8475EFBE005}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4D73771A-9DF8-4E24-B182-CBDF16334042}" = dir=in | app=c:\users\janine\appdata\local\temp\7zs7142\setup\hpznui40.exe |
"{513ECF46-08F6-431C-921D-533C6F3F2678}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{55D6BF8A-147A-4BE0-8CE0-2BC6083B8708}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5A7B1598-9554-494A-BC25-6FB051B277E1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5AE8D98E-DF1C-4BA3-A26D-87880785A053}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{665185D2-97F1-42C1-A092-2925BD0203B2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{6701B3C8-EABF-4EF9-89F7-E8FD03E332A7}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{68C3FFB0-AE50-4FE8-9163-CC36AA504425}" = protocol=6 | dir=in | app=c:\program files (x86)\iwin games\iwingames.exe |
"{6AB92302-3229-4D8B-8146-E77B8E6E424A}" = protocol=6 | dir=out | app=system |
"{7290C00B-66C1-4AFF-891D-6FBE73591579}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{72E36C6F-1CBD-447A-B918-72715D7E18A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{894F0E4F-4463-4F78-BB5D-BDE60F558B4E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{91362EE9-3D06-4DE7-A2E9-9105910BE171}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{9671E980-CFE8-4880-B64F-9498D53F07C1}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{986A374B-E7DC-419A-9E4C-DEA1D6F53800}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9C42CAD0-DA0D-41FD-9938-C5BE14040E74}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{9DE501FF-3BE8-4109-87F8-DA6F4566AE06}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A27D5B99-CC71-484D-95BD-2D30FB61E1BD}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A38DB2CF-656B-4448-A2A3-0D322B21389B}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{A4507B4D-87A8-47A9-B5EA-77E0D1B5D596}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{A475FAD0-8B1C-41F0-A421-E707DF1158C1}" = protocol=6 | dir=in | app=c:\program files (x86)\iwin games\webupdater.exe |
"{AA1A9528-6F27-484C-8966-5A90DE923464}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{AE1C54AB-3F5F-48DD-86D1-6ADB566C834F}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{AE4B667C-8B83-43D4-959B-655BC4E775D6}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{AE4BDC01-1D0A-4619-A9EF-48FEE9C506E9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AE74664B-6B25-4914-A7CB-1590CFD93A17}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{B82EFE21-E65B-478C-A432-DCB13795C8FC}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{B830C6B7-809D-4D99-9454-4D5D7F9B337D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{C42019A5-F746-4478-8AF0-3314AFE1A3D7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C8D5B716-4D86-4E37-9CB5-9E5AB37A8A04}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C91CB99A-A680-4ACD-9ECC-FEDE076ACAD4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{CAF59A23-44B4-4A92-86C8-9382CB549BA0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{CD184A9B-5612-4FC2-B033-B55885FBF2E3}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{D1B7E568-1F0B-40F2-9A16-7E0065C7E15A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{D55BC428-C5F7-471E-B7EA-5F61AE28FEE2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DA753225-ED46-4EB4-A2F3-FEDB73FC4CEF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DDDA5A0E-B9BA-444B-A848-35EAA790353C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E44A6496-37AE-4A79-B82C-9BD0F2524441}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E566F67E-F6B8-4044-A2B6-E3CB7E684B93}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{E8F9973F-81F9-4A88-A8D1-1E54C052119A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{ED008F3D-807A-4DED-9964-CEF7B2E9FEE8}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{F935660A-1F71-4387-B851-C391A2CCCC43}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F9E42F87-5378-4B3C-A1A7-F372D8017BFC}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{FBBCC2EC-8169-49F7-B6A3-18D15A6B81BD}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{FD60B420-C502-4891-825F-AB24AAEAF3AC}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"TCP Query User{610BFEF5-8B37-495C-BE61-108BFD318E22}C:\program files (x86)\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"TCP Query User{CF507B15-9BDA-4624-8070-1CB80D08941F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{79776905-737B-4019-9113-02BAF8116D06}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{F7BD88CC-8E68-4256-8AF6-32AA2EAE3195}C:\program files (x86)\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AA6F009F-0CCD-4DD6-A462-28419C101D54}" = HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ACCA82EB-7088-919E-5E1C-100A24F11CCF}" = ATI Catalyst Install Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E2FCA441-6D7B-CD78-3ADF-42EA9FA06065}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{183F0908-AD5E-8B3B-5F06-28B1A8C65C62}" = CCC Help Japanese
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23E9588B-05ED-BC2F-EB69-101A96511EF1}" = ccc-core-static
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2484D1EA-CBA4-60BB-82B9-F8477D25C47A}" = CCC Help Dutch
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 5
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{29802D65-9514-DB20-36CD-E47A94C8AEB9}" = Catalyst Control Center Graphics Full Existing
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F61E9D7-CD05-643E-A04E-CC1A8B6610BA}" = CCC Help Finnish
"{2FA3CDD8-1436-497D-6339-789936561E99}" = CCC Help German
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{31D611A1-03B5-4018-BC6F-DDB5B5616478}_is1" = eMachines GameZone Console
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34123E80-BE96-6282-1167-6696730AF6D2}" = CCC Help Korean
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D20EF26-2E9A-D388-851D-E7675BBACFF5}" = Catalyst Control Center Core Implementation
"{3DB0448D-AD82-4923-B305-D001E521A964}" = eMachines Power Management
"{4024F49B-65D4-D6B2-2A1D-6DBF6F09F181}" = CCC Help Greek
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{49A63237-FD38-AE77-6DF6-FFB41499A4E6}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F0FC827-B693-F166-612E-EA89D798540C}" = CCC Help Chinese Traditional
"{52FBF90E-D2EF-A2A3-1CCA-6984596B1B02}" = CCC Help English
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{628CBFE4-3823-67FB-26D2-566899C3BB5C}" = CCC Help Italian
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{63F26DAE-CB0D-98B6-3019-D4FC3D0DD203}" = Catalyst Control Center InstallProxy
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{652EB559-6865-DEF4-2409-D506963C15FD}" = CCC Help Polish
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68987945-A387-4C25-0C59-21F2AF657E65}" = CCC Help Thai
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B45E33B-6BB4-234B-2F5F-65B1A103801D}" = CCC Help Russian
"{6B99737C-9FDC-50F9-C9A4-AB7DA5C9A336}" = Catalyst Control Center Graphics Full New
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BE74C0E-F300-D0A6-780B-C93BB78DE58C}" = CCC Help Norwegian
"{7E75ACC5-B0EC-7006-183A-374974019911}" = Catalyst Control Center Graphics Light
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97124B44-C17B-C352-44B1-403D0D706173}" = CCC Help Czech
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ACA8261-11D1-F8A1-C154-7F8B23515C79}" = CCC Help Swedish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DC11D9A-6DCD-4064-8363-63914A0122AB}" = C4500
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9574A7E-C024-EED1-7A81-CC4786A1915A}" = CCC Help Portuguese
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA32D2A6-1299-0F05-BF8D-04075A9F69EB}" = CCC Help Turkish
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.1 MUI
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{BCC05B1F-7397-799A-9EDB-AC10123BB17A}" = CCC Help Chinese Standard
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEF4FD8A-29FF-C250-468A-5FC55F0E3451}" = Catalyst Control Center Localization All
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF408B76-8698-4298-B549-5E6A94931B64}" = PS_AIO_04_C4500_Software_Min
"{CF7A62B6-F712-412E-9914-D80033A7F8B8}" = Catalyst Control Center - Branding
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D41301F8-90FD-9CE8-CD2C-ED2B9D5F07E3}" = CCC Help Spanish
"{D43AD08C-BE76-8C5B-FD90-4B665EF60E2E}" = CCC Help Danish
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DA4CA661-5ABF-9218-6E42-84BF89F43655}" = CCC Help French
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E3409E1E-9E28-4A48-AE27-599F0A0EB857}" = The Partners
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = eMachines Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Aztec Tribe: New Land" = Aztec Tribe: New Land
"Be a King: Golden Empire" = Be a King: Golden Empire (nur deinstallation)
"Beetle Ju 3" = Beetle Ju 3
"bgbennyboyEMIReplacementSetup_is1" = Escape From Monkey Island
"DivX Setup.divx.com" = DivX-Setup
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"EADM" = EA Download Manager
"eMachines Registration" = eMachines Registration
"eMachines Screensaver" = eMachines ScreenSaver
"eMachines Welcome Center" = Welcome Center
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"iWinArcade" = iWin Games (remove only)
"LastFM_is1" = Last.fm 1.5.4.27091
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"MISEC" = Monkey Island™ Special Edition Collection
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Royal Envoy" = Royal Envoy
"ScummVM_is1" = ScummVM 1.4.1
"Tales of Monkey Island" = Tales of Monkey Island
"TeamViewer 7" = TeamViewer 7
"The Fall Trilogy - Chapter 1: Separation" = The Fall Trilogy - Chapter 1: Separation (nur deinstallation)
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1200776420-1261404832-3851839743-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16.03.2012 12:32:18 | Computer Name = Janine-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 16.03.2012 12:32:18 | Computer Name = Janine-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 16.03.2012 12:32:18 | Computer Name = Janine-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 18.03.2012 07:15:10 | Computer Name = Janine-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 18.03.2012 07:53:56 | Computer Name = Janine-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 18.03.2012 07:55:16 | Computer Name = Janine-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 18.03.2012 07:55:44 | Computer Name = Janine-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 18.03.2012 07:55:44 | Computer Name = Janine-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 18.03.2012 07:55:44 | Computer Name = Janine-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 18.03.2012 07:55:44 | Computer Name = Janine-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ System Events ]
Error - 03.08.2012 15:51:06 | Computer Name = Janine-PC | Source = ipnathlp | ID = 30013
Description =
Error - 03.08.2012 16:11:05 | Computer Name = Janine-PC | Source = ipnathlp | ID = 30013
Description =
Error - 04.08.2012 03:39:21 | Computer Name = Janine-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 04.08.2012 03:39:21 | Computer Name = Janine-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 04.08.2012 03:42:03 | Computer Name = Janine-PC | Source = ipnathlp | ID = 34001
Description =
Error - 04.08.2012 03:42:03 | Computer Name = Janine-PC | Source = ipnathlp | ID = 30013
Description =
Error - 05.08.2012 04:06:43 | Computer Name = Janine-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 05.08.2012 04:06:43 | Computer Name = Janine-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 05.08.2012 04:08:27 | Computer Name = Janine-PC | Source = ipnathlp | ID = 34001
Description =
Error - 05.08.2012 04:08:27 | Computer Name = Janine-PC | Source = ipnathlp | ID = 30013
Description =
< End of report >
Ich hoffe so ists richtig! Was nun? Liebe Güße!  |
| Themen zu Trojaner? BKA? Aber alles funktioniert? Fehlermeldung in C:/users? |
| antivirus, avira, beim starten, computer, explorer, externe festplatte, fehlermeldung, festplatte, firefox, frage, gesperrt, infiziert, löschen, microsoft, rty0_7z.exe, software, starten, stick, suche, temp, trojaner, trojaner?, usb, viren, windows |
Baum-Darstellung