| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Weißer-Bildschirm mit Zahlungsaufforderung, Abgesicherter Modus fährt sofort runterWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
13.05.2013, 13:17
| #1 |
 |  Weißer-Bildschirm mit Zahlungsaufforderung, Abgesicherter Modus fährt sofort runter Heyho, wie in dieser Frage http://www.trojaner-board.de/134171-...rt-runter.html (in der ich leider nicht antworten konnte) habe ich das gleiche Problem. Abgesicherter Modus fährt sofort wieder runter und normal der weiße Bildschirm mit Zahlungsaufforderung. Habe schonmal den ersten Schritt ausgeführt: OTL.exe vom USB-Stick durch Abgesicherten Modus mit Eingabeaufforderung. Dabei kam raus: OTL Code:
ATTFilter OTL logfile created on: 13.05.2013 13:44:30 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = g:\ Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 87,73% Memory free 6,49 Gb Paging File | 6,12 Gb Available in Paging File | 94,17% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 59,90 Gb Total Space | 19,13 Gb Free Space | 31,94% Space Free | Partition Type: NTFS Drive D: | 100,00 Gb Total Space | 9,35 Gb Free Space | 9,35% Space Free | Partition Type: NTFS Drive E: | 305,76 Gb Total Space | 28,06 Gb Free Space | 9,18% Space Free | Partition Type: NTFS Drive F: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive G: | 1,89 Gb Total Space | 1,56 Gb Free Space | 82,69% Space Free | Partition Type: FAT32 Computer Name: FIGUR-PC | User Name: figur | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.13 13:33:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- g:\OTL.exe PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2010.11.20 14:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV - [2013.04.11 15:35:30 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.02.26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- E:\teamviewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011.07.03 19:05:37 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- E:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.04.29 11:44:23 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- E:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.11.20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv) SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.10.15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Stopped] -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009.08.24 15:38:06 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Gigabyte\EasySaver\essvr.exe -- (ES lite Service) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.04.20 18:20:30 | 000,009,216 | ---- | M] (Vodafone) [Auto | Stopped] -- E:\Program Files\VMC\Bin\VMCService.exe -- (VMCService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs) DRV - [2013.05.13 13:38:56 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2013.02.26 00:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012.07.02 12:23:05 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn) DRV - [2012.04.18 19:08:04 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2011.07.06 04:22:55 | 000,648,808 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtl8192cu.sys -- (RTL8192cu) DRV - [2011.07.03 19:05:38 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.07.03 19:05:38 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.05.13 04:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011.05.13 04:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) DRV - [2011.05.13 04:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) DRV - [2011.05.13 04:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2011.05.13 04:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2011.03.07 11:21:40 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zghsnmea.sys -- (zghsnmea) DRV - [2011.03.07 11:21:28 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zghsmdm.sys -- (zghsmdm) DRV - [2011.03.07 11:20:40 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zghsdiag.sys -- (zghsdiag) DRV - [2011.03.07 11:20:08 | 000,015,896 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter_hs.sys -- (massfilter_hs) DRV - [2011.02.12 17:39:53 | 000,281,760 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2011.02.12 17:39:53 | 000,025,888 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011.02.12 16:17:58 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.06.17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.04.27 12:56:44 | 000,019,496 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger) DRV - [2009.04.09 14:38:30 | 000,110,592 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet) DRV - [2009.04.09 14:38:30 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice) DRV - [2009.04.09 14:38:30 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2009.04.09 14:38:30 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2009.04.09 14:38:30 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2009.04.09 14:38:30 | 000,007,680 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter) DRV - [2008.10.09 14:50:08 | 000,022,528 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad) DRV - [2008.10.09 14:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM) DRV - [2003.04.19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tandpl.sys -- (tandpl) DRV - [2003.03.02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\enodpl.sys -- (enodpl) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.de.maxiwe.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.de.maxiwe.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.de.maxiwe.com IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.de/ IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 76 DD D2 D4 53 D0 CB 01 [binary data] IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\..\SearchScopes,DefaultScope = {D1B3CE3F-25C0-4a35-99C5-1177239FA3DF} IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\..\SearchScopes\{C89A4C31-E138-41b2-A7C7-7A30DB2C13CD}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\..\SearchScopes\{D1B3CE3F-25C0-4a35-99C5-1177239FA3DF}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD IE - HKU\S-1-5-21-3109638477-127064589-495194791-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.5 FF - prefs.js..extensions.enabledAddons: {800b5000-a755-47e1-992b-48a1c1357f07}:1.4.7 FF - prefs.js..extensions.enabledAddons: ffxtlbra@softonic.com:1.6.0 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.7&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\figur\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\figur\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: E:\Program Files\VMC\Optimization Client\addon\ [2011.02.28 13:58:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: E:\Program Files\Firefox\components [2012.12.13 01:08:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: E:\Program Files\Firefox\plugins [2013.04.14 14:50:02 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: E:\Program Files\Firefox\components [2012.12.13 01:08:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: E:\Program Files\Firefox\plugins [2013.04.14 14:50:02 | 000,000,000 | ---D | M] [2011.03.05 21:29:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\figur\AppData\Roaming\mozilla\Extensions [2012.11.04 14:25:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\figur\AppData\Roaming\mozilla\Firefox\Profiles\qex9jmqo.default\extensions [2012.08.02 16:42:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\figur\AppData\Roaming\mozilla\Firefox\Profiles\qex9jmqo.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.05.14 13:31:08 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\figur\AppData\Roaming\mozilla\Firefox\Profiles\qex9jmqo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.10.14 14:50:18 | 000,000,000 | ---D | M] (softonic.com) -- C:\Users\figur\AppData\Roaming\mozilla\Firefox\Profiles\qex9jmqo.default\extensions\ffxtlbra@softonic.com [2012.11.04 14:25:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\figur\AppData\Roaming\mozilla\Firefox\Profiles\qex9jmqo.default\extensions\staged [2012.11.04 14:29:54 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-1.xml [2011.10.05 21:25:09 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-10.xml [2011.11.13 15:22:11 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-11.xml [2012.03.30 12:33:44 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-12.xml [2011.06.11 15:14:33 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-2.xml [2011.07.11 02:20:18 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-3.xml [2011.08.15 16:57:54 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-4.xml [2011.08.22 16:58:17 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-5.xml [2011.09.01 21:10:17 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-6.xml [2011.09.05 18:46:26 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-7.xml [2011.09.08 23:24:58 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-8.xml [2011.09.09 20:00:38 | 000,000,950 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin-9.xml [2012.03.19 20:09:28 | 000,000,168 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin.gif [2012.03.19 20:09:28 | 000,000,618 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin.src [2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\figur\AppData\Roaming\mozilla\firefox\profiles\qex9jmqo.default\searchplugins\icqplugin.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\figur\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\figur\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\figur\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = E:\Program Files\Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = E:\Program Files\Java\bin\new_plugin\npjp2.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\figur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\figur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Mail = C:\Users\figur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ Hosts file not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-3109638477-127064589-495194791-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-3109638477-127064589-495194791-1000..\Run: [Spotify Web Helper] C:\Users\figur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\figur\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - E:\Program Files\ICQ\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - E:\Program Files\ICQ\ICQ7.4\ICQ.exe (ICQ, LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-3109638477-127064589-495194791-1000\..Trusted Domains: drei.to ([games] https in Trusted sites) O15 - HKU\S-1-5-21-3109638477-127064589-495194791-1000\..Trusted Domains: x7.to ([]https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A48842B-B5EF-4C72-95D0-6B6A8D3E40CC}: DhcpNameServer = 139.7.30.126 139.7.30.125 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9927F8A-4FBE-4E06-802A-9286DB433134}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3109638477-127064589-495194791-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3109638477-127064589-495194791-1000 Winlogon: Shell - (C:\Users\figur\AppData\Roaming\skype.dat) - C:\Users\figur\AppData\Roaming\skype.dat () O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O31 - SafeBoot: UseAlternatShell - 1 O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005.02.25 17:24:44 | 000,000,051 | R--- | M] () - F:\autorun.inf -- [ UDF ] O33 - MountPoints2\{7f1448a0-36a8-11e0-a9ac-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{7f1448a0-36a8-11e0-a9ac-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Install.exe -- [2004.10.21 20:38:02 | 000,126,976 | R--- | M] (Macrovision Corporation) O33 - MountPoints2\{c7437061-ab25-11e0-8f2c-00a0c6000000}\Shell - "" = AutoRun O33 - MountPoints2\{c7437061-ab25-11e0-8f2c-00a0c6000000}\Shell\AutoRun\command - "" = I:\ZTE_Handset_USB_Driver.exe O33 - MountPoints2\{df2d72aa-d6de-11e0-8a52-00a0c6000000}\Shell - "" = AutoRun O33 - MountPoints2\{df2d72aa-d6de-11e0-8a52-00a0c6000000}\Shell\AutoRun\command - "" = N:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.12 16:31:51 | 000,000,000 | ---D | C] -- D:\Users\figur\Desktop\Männertag 2013 [2013.05.10 11:47:45 | 000,000,000 | ---D | C] -- D:\Users\figur\Desktop\Mt13 [2013.04.29 23:41:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2013.04.29 23:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 [2013.04.18 16:23:51 | 000,000,000 | ---D | C] -- D:\Users\figur\Desktop\DSK Praktikum [2013.04.14 16:56:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP [2013.04.14 13:09:29 | 000,000,000 | ---D | C] -- C:\Bilder N [2013.04.14 12:08:51 | 000,000,000 | ---D | C] -- C:\Windows\San Andreas Mod Installer [2013.04.14 12:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Mod Installer [1 D:\Users\figur\Desktop\*.tmp files -> D:\Users\figur\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014.01.27 20:03:52 | 003,449,138 | ---- | M] () -- D:\Users\figur\Desktop\DSCF0889.JPG [2014.01.27 19:37:50 | 002,089,078 | ---- | M] () -- D:\Users\figur\Desktop\DSCF0886.JPG [2013.05.13 13:43:17 | 000,664,764 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.05.13 13:43:17 | 000,624,946 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.05.13 13:43:17 | 000,134,932 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.05.13 13:43:17 | 000,110,584 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.05.13 13:41:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.13 13:41:20 | 2615,320,576 | -HS- | M] () -- C:\hiberfil.sys [2013.05.13 13:38:56 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys [2013.05.13 13:06:33 | 000,000,004 | ---- | M] () -- C:\Users\figur\AppData\Roaming\skype.ini [2013.05.13 13:06:19 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.13 02:07:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3109638477-127064589-495194791-1000UA.job [2013.05.13 01:55:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.13 01:53:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.12 21:36:39 | 000,054,108 | ---- | M] () -- D:\Users\figur\Desktop\945526_514430408620738_1546569873_n.jpg [2013.05.12 20:07:01 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3109638477-127064589-495194791-1000Core.job [2013.05.12 16:26:14 | 002,216,474 | ---- | M] () -- D:\Users\figur\Desktop\20130322_105246.jpg [2013.05.12 16:25:22 | 002,409,417 | ---- | M] () -- D:\Users\figur\Desktop\20130322_105241.jpg [2013.05.12 16:18:57 | 000,000,823 | ---- | M] () -- D:\Users\figur\Desktop\Rollenbeschreibung.lnk [2013.05.12 15:17:12 | 001,477,360 | ---- | M] () -- D:\Users\figur\Desktop\PlanKomm_Prozess_SoSe2013_Layout-Hinweise.pdf [2013.05.12 15:12:09 | 001,860,463 | ---- | M] () -- D:\Users\figur\Desktop\Layout-Vorgabe.zip [2013.05.12 13:43:32 | 000,019,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.12 13:43:32 | 000,019,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.10 12:03:56 | 000,005,253 | ---- | M] () -- D:\Users\figur\Desktop\DSK Wiesbaden.pdf [2013.05.06 16:51:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.05.02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2013.04.30 13:18:47 | 003,917,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [1 D:\Users\figur\Desktop\*.tmp files -> D:\Users\figur\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.13 12:58:43 | 000,000,004 | ---- | C] () -- C:\Users\figur\AppData\Roaming\skype.ini [2013.05.12 21:36:47 | 000,054,108 | ---- | C] () -- D:\Users\figur\Desktop\945526_514430408620738_1546569873_n.jpg [2013.05.12 16:34:07 | 002,089,078 | ---- | C] () -- D:\Users\figur\Desktop\DSCF0886.JPG [2013.05.12 16:31:52 | 003,449,138 | ---- | C] () -- D:\Users\figur\Desktop\DSCF0889.JPG [2013.05.12 16:26:14 | 002,216,474 | ---- | C] () -- D:\Users\figur\Desktop\20130322_105246.jpg [2013.05.12 16:25:08 | 002,409,417 | ---- | C] () -- D:\Users\figur\Desktop\20130322_105241.jpg [2013.05.12 16:19:08 | 000,000,823 | ---- | C] () -- D:\Users\figur\Desktop\Rollenbeschreibung.lnk [2013.05.12 15:12:17 | 001,477,360 | ---- | C] () -- D:\Users\figur\Desktop\PlanKomm_Prozess_SoSe2013_Layout-Hinweise.pdf [2013.05.12 15:12:09 | 001,860,463 | ---- | C] () -- D:\Users\figur\Desktop\Layout-Vorgabe.zip [2013.05.08 09:30:33 | 000,005,253 | ---- | C] () -- D:\Users\figur\Desktop\DSK Wiesbaden.pdf [2013.05.06 16:51:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.04.04 22:31:38 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys [2013.04.04 22:31:38 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys [2013.03.11 18:04:26 | 000,000,218 | ---- | C] () -- C:\Users\figur\AppData\Local\recently-used.xbel [2012.07.23 21:28:01 | 002,953,448 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin [2012.03.11 17:08:10 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI [2012.03.11 16:04:00 | 000,084,480 | ---- | C] () -- C:\Users\figur\AppData\Roaming\skype.dat [2012.02.20 15:45:02 | 000,000,287 | ---- | C] () -- C:\Users\figur\AppData\Local\VersionChecker_17.xml [2012.02.16 20:04:25 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2011.09.29 22:14:13 | 000,003,584 | ---- | C] () -- C:\Users\figur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.07.10 21:23:14 | 000,584,584 | ---- | C] () -- C:\Windows\adb.exe [2011.07.10 21:23:14 | 000,001,623 | ---- | C] () -- C:\Windows\InnoTipLanguage.ini [2011.06.11 00:37:16 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011.06.11 00:36:24 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.05.14 14:00:35 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011.05.14 14:00:35 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2030.DAT [2009.04.09 14:44:42 | 000,108,066 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Code:
ATTFilter OTL Extras logfile created on: 13.05.2013 13:44:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = g:\
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 87,73% Memory free
6,49 Gb Paging File | 6,12 Gb Available in Paging File | 94,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 59,90 Gb Total Space | 19,13 Gb Free Space | 31,94% Space Free | Partition Type: NTFS
Drive D: | 100,00 Gb Total Space | 9,35 Gb Free Space | 9,35% Space Free | Partition Type: NTFS
Drive E: | 305,76 Gb Total Space | 28,06 Gb Free Space | 9,18% Space Free | Partition Type: NTFS
Drive F: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 1,89 Gb Total Space | 1,56 Gb Free Space | 82,69% Space Free | Partition Type: FAT32
Computer Name: FIGUR-PC | User Name: figur | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- E:\Program Files\PS CS 6\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\Program Files\Fotobuch\fotobuch.de\Designer 2.0\Designer.exe" = E:\Program Files\Fotobuch\fotobuch.de\Designer 2.0\Designer.exe:*:Designer.exe -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009C1869-451E-40AE-A41A-A21E72ED6F3A}" = rport=445 | protocol=6 | dir=out | app=system |
"{01B8ABAC-1D90-46A3-A55B-AA42E6E8B117}" = rport=138 | protocol=17 | dir=out | app=system |
"{01B90067-134F-406B-A57B-69F713CF03C7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0BC26644-28AE-4FC7-A9BE-392A1FB055F2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{111682D2-AD4D-4BE0-8D3D-E15DCAA685D1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1BC72A23-A3BF-48D4-8F1A-005347C4EC71}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3F901FC0-92B8-449C-9D00-796744D2AC18}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{429B0F19-5A3E-42B4-8B34-D17A05E68740}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{615507E0-A915-45F1-9890-E546C26A209D}" = lport=139 | protocol=6 | dir=in | app=system |
"{63A28F5F-BFB3-4357-99CC-995434CB79D6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{658EDBB1-A304-4021-ABE8-6E50B489EEC5}" = lport=445 | protocol=6 | dir=in | app=system |
"{6C00E6A0-F056-40FC-9D20-7E438743FAF5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{75D64749-451D-4ECD-B074-71AF7652F7EF}" = lport=138 | protocol=17 | dir=in | app=system |
"{7C72D6AB-455C-4EFC-A00E-45555AD3787F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7CC325AD-68A2-4012-AE38-DB18543AEB2E}" = rport=139 | protocol=6 | dir=out | app=system |
"{9861FB8D-7B0F-4A87-BA6D-267F710101A9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{A3EBFCCE-079B-4957-B907-6E9886E6FC50}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AC93D640-45AC-46A2-9C7A-B6623436BEE4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B70EE68F-D0BD-45D1-96FB-AC0CFA1EE368}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D46EB686-C5BB-4329-9447-471752DC5782}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D601692B-1CD7-4C8B-BFA0-14B75CD05366}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.6 |
"{D992DAFB-B762-4729-B88A-7797839FF2C3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E38F9C35-F1F8-4064-A6F8-7F86E1B560F0}" = lport=137 | protocol=17 | dir=in | app=system |
"{EA208381-5C67-4DC4-8B5D-CE824117F256}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F8738809-12F6-45EF-A681-3C31C67DD852}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0085B955-56BA-473F-8ED5-A69D8C843E52}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{02CB7ABC-7A24-4D49-94B8-22E1A1ABB12C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{03A0CE32-38BD-4B08-824E-1F267BB0D92F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{04BA9FAB-3C2B-47C2-8359-427278186989}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0559B808-F3D7-4353-AB37-94C4739E7EC0}" = protocol=6 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"{05A13A72-1A66-4971-ADBF-64A144EAB17D}" = protocol=6 | dir=in | app=e:\program files\ps6\adobe flash builder 4.6\flashbuilder.exe |
"{09A517CD-0FAE-4BFA-9D9D-34CD5F001A47}" = protocol=17 | dir=in | app=e:\teamviewer\version7\teamviewer.exe |
"{0CC90E07-0D62-467C-BF16-9F654E28F1FF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1952F11E-F340-4391-BA41-CDE0BCC9FA73}" = protocol=17 | dir=in | app=e:\teamviewer\version7\teamviewer_service.exe |
"{1CCCD02B-4812-4A08-B2D2-091E852BF90C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{1CD282C3-6482-4D26-A57D-C39721714315}" = protocol=6 | dir=in | app=e:\spiele\starcraft ii\versions\base15405\sc2.exe |
"{242FEC2E-D375-4A9F-A44D-52D1AD0234DF}" = protocol=6 | dir=in | app=e:\teamviewer\version7\teamviewer_service.exe |
"{2AAB60E1-5449-4235-AF33-804975A234D0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2BC6B7EE-509B-434C-946A-6AB38F96E8A4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2EC6259B-8A5D-4C27-AEF0-BCE5D349D45F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{3198636D-011F-47E0-A9F6-E6FA016F22B8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{38599AE1-76C5-45FE-A585-6100C76A3573}" = protocol=17 | dir=in | app=c:\users\figur\appdata\roaming\dropbox\bin\dropbox.exe |
"{391D0643-7576-44AA-A0DF-3AB0744B668C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3C979D3C-C62C-41AB-9987-97902D843F98}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3CDB117C-BEA0-4959-AFB3-765FD31584D0}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{3EDFFEC1-2B71-46AA-A3F7-C391976538E7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{3F6E5F4D-5EF3-4031-AEA9-8EFC03916942}" = protocol=17 | dir=in | app=e:\spiele\starcraft ii\versions\base15405\sc2.exe |
"{47065E43-46D8-45FF-9090-3FDFDE7E67E1}" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\launcher.exe |
"{4E8D4E6B-4A70-4CDE-9B05-88E828451466}" = protocol=6 | dir=in | app=e:\teamviewer\version7\teamviewer.exe |
"{557ACC55-17E2-49D8-A67D-135D45A6B0D4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{5AE17198-72C0-49B3-BDD9-38D2EE0E7967}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5AE45DB6-1B63-4352-86A6-AF522EBDEB53}" = protocol=6 | dir=out | app=system |
"{5B937E7C-ACC8-469F-83AF-4C8A96C3D646}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5BE830D5-7C5A-430A-A23C-A7440478D95B}" = protocol=17 | dir=in | app=e:\spiele\skyrim\steam.exe |
"{60E4AD5E-9905-45F7-AE3C-8B06CAAF9D2C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{61DF8C14-1C34-4290-AC65-06F1A5CCF267}" = protocol=17 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\fc2editor.exe |
"{61FF37CE-5A62-441E-9C82-24F38BBA2090}" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\launcher.exe |
"{75F8B34C-9AE8-4B3D-85DB-3491709E6797}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7BAA0695-CBBA-4E18-95D9-2E7277A72F46}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{7F4CDBDE-6F13-43EB-ACA6-AD0B235273C5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{88C722A1-887E-479E-AB09-3A272FA3497D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{8F1848E2-E74B-495B-86C3-44696EB70E39}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{90AB74DD-BC6F-44F1-8E8B-0266D185BEFE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{95EA19CF-7959-44D7-8E79-EFA81EF85AA2}" = protocol=17 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\fc2launcher.exe |
"{997F5F9B-A978-4146-A110-DE7FC3A722DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A94BF7FC-6DBD-4751-AFCC-74E5DB61303D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AA1EFE17-8CAD-4420-B6E6-40712704E40F}" = protocol=17 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"{ADB109C7-3215-4520-9B7D-6AA2CF189466}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{B7E4D3CB-855B-4266-8CF5-C719A5308B1E}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{B9F64E1F-B269-4FE3-91DE-C4A305556699}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BA651E00-E545-4DEB-9B36-374004B1A6F8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BBB93082-7A5F-41DC-8CCF-A29616BBD961}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C8657679-17B5-474F-A6A1-7EE6A5DAE3E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CA94BBAD-5976-4DEB-B7A7-E79D40FB3490}" = protocol=6 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\farcry2.exe |
"{CAB5B3A0-63F3-4957-A442-AB30C83E99FD}" = protocol=17 | dir=in | app=e:\program files\icq\icq7.4\icq.exe |
"{CDCEC5DE-AE59-495E-A102-E23BCC584025}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D5E8A7E2-4904-4802-9CC2-CA7130CAF273}" = protocol=17 | dir=in | app=e:\program files\icq\icq7.4\icq.exe |
"{D8D5D0D6-569C-48EC-9185-0D5C35FF7643}" = protocol=6 | dir=in | app=e:\spiele\skyrim\steam.exe |
"{DC98AD21-6768-4D43-A30D-1AC341F6BA92}" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\launcher.patch.exe |
"{E60BF77C-2C8B-4595-9486-6936C8D1238B}" = protocol=6 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\fc2editor.exe |
"{E78488E7-F530-44E7-8B07-D94078721E8C}" = protocol=6 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\fc2launcher.exe |
"{E838FFD5-BB14-45CF-B07A-10E290B2ABFE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{EAD008FD-DDE5-4957-B3DA-CC45520D7F9C}" = protocol=17 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\farcry2.exe |
"{F00B81A9-BBCF-49F9-82BF-1F0F2473FA79}" = protocol=6 | dir=in | app=e:\program files\icq\icq7.4\icq.exe |
"{F285A74F-6849-402A-AED4-A81904F62214}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F343FCFF-97A3-41E6-A360-BEA385F56AC3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{F66E7FC1-9C54-4A8F-9DED-7E131287C44B}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{FA9D840E-9563-4507-88F0-8E4D60484484}" = protocol=17 | dir=in | app=e:\program files\ps6\adobe flash builder 4.6\flashbuilder.exe |
"{FC4EF06F-2D22-47CA-8328-B2AAB700B5D5}" = protocol=6 | dir=in | app=e:\program files\icq\icq7.4\icq.exe |
"{FD12A3F3-D574-4F16-9567-50578286410A}" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\launcher.patch.exe |
"{FDD8C4FD-C1F3-4F53-A91D-8D551AC68C1D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{FE7F56E1-103E-4FEB-BC1E-6015ABBF4CB4}" = protocol=6 | dir=in | app=c:\users\figur\appdata\roaming\dropbox\bin\dropbox.exe |
"{FFB08827-23CE-4FFF-8B5F-1B4DAAF1B21E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"TCP Query User{0014723A-37A7-4C3F-A378-53C41E4CE426}E:\spiele\dead space\dead space.exe" = protocol=6 | dir=in | app=e:\spiele\dead space\dead space.exe |
"TCP Query User{0D27742F-5257-43C8-84EA-9E231B7DCE7B}E:\program files\vectorworks2012\renderworks\cinerender.exe" = protocol=6 | dir=in | app=e:\program files\vectorworks2012\renderworks\cinerender.exe |
"TCP Query User{0F3135FD-083F-4404-B6E2-69293123C8F2}E:\spiele\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe |
"TCP Query User{134391CC-2031-4295-AC94-FFE0E02E4318}E:\spiele\dead space\dead space.exe" = protocol=6 | dir=in | app=e:\spiele\dead space\dead space.exe |
"TCP Query User{16D03AAE-DCDD-4174-BBEA-CC40722A5C37}E:\spiele\tom clancy's splinter cell conviction\src\system\conviction_game.exe" = protocol=6 | dir=in | app=e:\spiele\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"TCP Query User{1C32063D-52A0-4031-AC61-7B4139B83A2D}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{1F31CC17-6C9F-45DA-A643-E52FCF7ABC55}E:\spiele\call of duty black ops\blackops.exe" = protocol=6 | dir=in | app=e:\spiele\call of duty black ops\blackops.exe |
"TCP Query User{292CF821-DD17-4218-89C3-5207B01E550A}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe |
"TCP Query User{2E14E686-E9F9-4B6A-8FD4-3C506F8B9EC3}E:\spiele\diablo3\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=e:\spiele\diablo3\diablo iii\diablo iii.exe |
"TCP Query User{39DF4CF3-A5FC-4EEC-A7C4-1762C4EBB1FF}E:\spiele\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{4BE721BA-D3A4-4D8D-B69E-2A7B6747D221}E:\spiele\dow\w40kwa.exe" = protocol=6 | dir=in | app=e:\spiele\dow\w40kwa.exe |
"TCP Query User{503EE2B4-27D0-47B6-AB6E-9A0483594BD8}E:\spiele\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=e:\spiele\anno 1404\tools\anno4web.exe |
"TCP Query User{5EB5CE72-82D0-47C3-9679-4FE154E69268}E:\spiele\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"TCP Query User{5FBFDC7D-4FD2-4134-BBB4-673685DCCF92}E:\spiele\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\backgrounddownloader.exe |
"TCP Query User{69CC34AE-A050-47F0-A138-8B6038D74588}C:\users\figur\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\figur\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{6AFAB6D0-E2FC-48BA-83F7-05EAE55483DB}E:\spiele\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe |
"TCP Query User{7385314B-85D2-42D0-8B7F-F620D9FF4F43}C:\programdata\battle.net\agent\agent.1363\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"TCP Query User{74C4E019-86D6-4FD1-871A-B7B60F9A3CF2}C:\programdata\battle.net\agent\agent.1267\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"TCP Query User{79ED69AB-42AA-4B60-8B66-272845B68CBE}E:\spiele\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe |
"TCP Query User{7D68FC6B-FABC-4781-A95C-487A550F6027}E:\program files\vectorworks2012\vectorworks2012e.exe" = protocol=6 | dir=in | app=e:\program files\vectorworks2012\vectorworks2012e.exe |
"TCP Query User{8976449F-3BA8-4C1C-B1D8-318B0AFA9A1F}E:\spiele\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
"TCP Query User{8C5F385C-E7F8-47DA-A08C-1BDDC269EA47}E:\spiele\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=e:\spiele\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{9935F3CE-57DD-495D-B697-94BFB55504C0}C:\program files\ubisoft\xiii\system\xiii.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\xiii\system\xiii.exe |
"TCP Query User{AB3DBF77-F304-466C-8ADD-D21B3C8E353E}E:\spiele\call of duty black ops\blackops.exe" = protocol=6 | dir=in | app=e:\spiele\call of duty black ops\blackops.exe |
"TCP Query User{C0428AC3-6D0C-4A44-9CD0-2C9D383B076F}E:\spiele\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe |
"TCP Query User{C46CC9E1-FC62-42E1-8BE1-BCA9FD9EC549}E:\spiele\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe |
"TCP Query User{C49EAA02-60FF-4AD1-905C-9672FF9FA560}E:\program files\icq\icq7.4\icq.exe" = protocol=6 | dir=in | app=e:\program files\icq\icq7.4\icq.exe |
"TCP Query User{C5BE331E-0D81-4649-AA58-6B592113830F}E:\spiele\farcry2 (online check fehlt)\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=e:\spiele\farcry2 (online check fehlt)\far cry 2\bin\farcry2.exe |
"TCP Query User{CACABA95-CCA6-4AE6-94FD-812FFD8EBDB7}E:\spiele\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe |
"TCP Query User{D17DD753-F69F-4869-8DFA-C4A93FCA0743}E:\spiele\witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=e:\spiele\witcher 2\bin\witcher2.exe |
"TCP Query User{D2B9AE61-7D39-4100-B18D-020070661285}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{D2F8CD6E-DF6C-4517-AD88-C116E9D7997B}E:\spiele\tom clancy's splinter cell conviction\src\system\conviction_game.exe" = protocol=6 | dir=in | app=e:\spiele\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"TCP Query User{DCC6B09F-61CB-4CCC-86BE-4B7E28A49B01}C:\programdata\battle.net\agent\agent.1675\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"TCP Query User{DD8180FA-9C4E-44EA-A3DD-0191BE8D0267}D:\users\figur\downloads\diablo-iii-8370-dede-installer-downloader.exe" = protocol=6 | dir=in | app=d:\users\figur\downloads\diablo-iii-8370-dede-installer-downloader.exe |
"TCP Query User{E690B277-EA1C-4F70-82D3-91A8D83D7973}C:\users\figur\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\figur\appdata\roaming\spotify\spotify.exe |
"TCP Query User{F5C6E122-A674-4006-A3B2-62A824CF1CCE}E:\spiele\dow\w40k.exe" = protocol=6 | dir=in | app=e:\spiele\dow\w40k.exe |
"TCP Query User{F5F4B250-D476-4AC7-816C-D3CCF1136CB6}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe |
"TCP Query User{F780D198-5A14-42E4-9A7A-EFD0B98D85A3}E:\program files\vectorworks2012\renderworks\cinerender.exe" = protocol=6 | dir=in | app=e:\program files\vectorworks2012\renderworks\cinerender.exe |
"UDP Query User{0D019EB6-AF10-4B7A-AB56-40E018F47336}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{14436E6F-4B9C-4229-AB99-01A04281056F}D:\users\figur\downloads\diablo-iii-8370-dede-installer-downloader.exe" = protocol=17 | dir=in | app=d:\users\figur\downloads\diablo-iii-8370-dede-installer-downloader.exe |
"UDP Query User{2D20C224-3A2C-42AF-876A-3E4A76F76D60}E:\spiele\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe |
"UDP Query User{36F4E5EB-30CF-4DC8-83A3-ECEC86F73298}C:\programdata\battle.net\agent\agent.1675\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"UDP Query User{37DA6E4E-58ED-4CE0-9232-2B4963A5D371}E:\spiele\tom clancy's splinter cell conviction\src\system\conviction_game.exe" = protocol=17 | dir=in | app=e:\spiele\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"UDP Query User{47004818-6737-40C7-AF7E-0662A54BE024}E:\program files\vectorworks2012\renderworks\cinerender.exe" = protocol=17 | dir=in | app=e:\program files\vectorworks2012\renderworks\cinerender.exe |
"UDP Query User{4BF90717-43F7-44F7-A401-CB19EAB0815F}C:\programdata\battle.net\agent\agent.1267\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"UDP Query User{4DCD9E04-70EF-465E-92B2-E2DBA9D481C1}E:\program files\vectorworks2012\vectorworks2012e.exe" = protocol=17 | dir=in | app=e:\program files\vectorworks2012\vectorworks2012e.exe |
"UDP Query User{5CD2B3DA-0E1D-4139-A961-05F918CABF2C}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe |
"UDP Query User{5CE010C9-65B6-4BC3-B424-2C7AC30DF5E4}E:\spiele\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe |
"UDP Query User{64D9B77E-D7A6-4CE3-B8E3-DBB1893C701E}C:\programdata\battle.net\agent\agent.1363\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"UDP Query User{67363C7F-7A2D-4E1D-A0AB-37436FB3351F}E:\spiele\dead space\dead space.exe" = protocol=17 | dir=in | app=e:\spiele\dead space\dead space.exe |
"UDP Query User{708C39C5-CEB3-40A9-A5EF-74C2F62BE340}E:\spiele\tom clancy's splinter cell conviction\src\system\conviction_game.exe" = protocol=17 | dir=in | app=e:\spiele\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"UDP Query User{77E6FEB7-9173-49BF-B73E-939E5056281C}E:\spiele\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=e:\spiele\anno 1404\tools\anno4web.exe |
"UDP Query User{7AD0CBA2-1BFD-47A6-8960-730FCC6D7D05}E:\spiele\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=e:\spiele\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{7D8AE906-6B1D-4B2A-9E4D-E0C91134E508}E:\spiele\dow\w40k.exe" = protocol=17 | dir=in | app=e:\spiele\dow\w40k.exe |
"UDP Query User{8025A820-7070-4EEA-9FB0-2FB28D7A83EB}E:\spiele\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"UDP Query User{813FDE57-BD86-4228-8C14-86344241A1D6}E:\program files\icq\icq7.4\icq.exe" = protocol=17 | dir=in | app=e:\program files\icq\icq7.4\icq.exe |
"UDP Query User{883C0B46-D51D-41ED-B29E-FE32BC5B308D}E:\spiele\farcry2 (online check fehlt)\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=e:\spiele\farcry2 (online check fehlt)\far cry 2\bin\farcry2.exe |
"UDP Query User{88E88493-832B-40CB-AC8B-C7F46266FD0A}E:\spiele\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe |
"UDP Query User{8C104BB1-F90A-4731-ACA3-60025526958C}E:\spiele\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{8CAFE158-FD02-48CF-B113-D64BFE3380D9}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{95B58C57-C7E0-40A4-BB24-3114F5184899}E:\spiele\witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=e:\spiele\witcher 2\bin\witcher2.exe |
"UDP Query User{9B8EA6B9-35B0-4D4E-AB07-14FA7E4DEE07}C:\users\figur\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\figur\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{9F80FEA1-FAE2-4346-B9CA-7142DDCA07A5}E:\spiele\diablo3\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=e:\spiele\diablo3\diablo iii\diablo iii.exe |
"UDP Query User{A50931E4-3059-4BC5-8981-579472C7746B}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe |
"UDP Query User{A9E42F6A-83D6-48EA-926B-5083DF519523}E:\spiele\dead space\dead space.exe" = protocol=17 | dir=in | app=e:\spiele\dead space\dead space.exe |
"UDP Query User{B82FB9C6-CC21-497A-80D7-716453542BEC}E:\program files\vectorworks2012\renderworks\cinerender.exe" = protocol=17 | dir=in | app=e:\program files\vectorworks2012\renderworks\cinerender.exe |
"UDP Query User{B960B09B-C792-4245-9FFA-CBA497D472CA}E:\spiele\call of duty black ops\blackops.exe" = protocol=17 | dir=in | app=e:\spiele\call of duty black ops\blackops.exe |
"UDP Query User{BED86359-2871-4DE6-8094-ADE9C99EEAB7}E:\spiele\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe |
"UDP Query User{C21CF168-1D81-4C42-9372-1A6050867737}E:\spiele\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\backgrounddownloader.exe |
"UDP Query User{D03CBDA1-E7EA-4F78-9011-679CE91F7FEA}E:\spiele\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{D662E869-6165-4515-A6C0-A5811427FCE4}E:\spiele\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe |
"UDP Query User{D899DA01-7A3F-4D1E-88CA-7D23E8CEA58F}C:\users\figur\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\figur\appdata\roaming\spotify\spotify.exe |
"UDP Query User{DF520C42-CF22-48AC-927B-A4F4F68EEEB5}E:\spiele\dow\w40kwa.exe" = protocol=17 | dir=in | app=e:\spiele\dow\w40kwa.exe |
"UDP Query User{E6D57D9E-193A-49B3-A137-59746A9C660A}C:\program files\ubisoft\xiii\system\xiii.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\xiii\system\xiii.exe |
"UDP Query User{EEAA92B9-51AA-4A79-8B6E-D5908079E2A6}E:\spiele\call of duty black ops\blackops.exe" = protocol=17 | dir=in | app=e:\spiele\call of duty black ops\blackops.exe |
"UDP Query User{F85A4312-DEFF-42F0-BDF9-9A4DC49E76DF}E:\spiele\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E25A554-0153-45A7-B342-49003A36367C}" = PDFtk Server
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{42BC0474-6E50-464A-8183-5E3D32E41B1B}" = XIII
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7020FC34-6E04-4858-924D-354B28CB2402}_is1" = Luminance HDR 2.3.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.3.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{87C2FAFA-E830-E3B1-A50E-876D00939884}" = Vectorworks 2012 Hilfe
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{912CE296-3D73-4A9D-B3FB-70A5CF7A8568}" = Empire Earth Ultimate Edition
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D2D77DC2-8299-11D1-8949-444553540000}_is1" = ZTE Handset USB Driver 5.2066.1.8B02
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B99F3D-9856-482A-9048-305E28E2510C}" = Vodafone Mobile Connect
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"Designer 2.0_is1" = Designer 2.0
"Diablo III" = Diablo III
"ENTERPRISE" = Microsoft Office Enterprise 2007
"eu.computerworks.vectorworks.2012.help.deu.07222458214E034A0B494E83FAD6744C17D2B914.1" = Vectorworks 2012 Hilfe
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.9.908
"Inkscape" = Inkscape 0.48.4
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"TeamViewer 7" = TeamViewer 7
"UnrealTournament" = Unreal Tournament
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3109638477-127064589-495194791-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Mozilla Firefox 6.0.2 (x86 de)" = Mozilla Firefox 6.0.2 (x86 de)
"Spotify" = Spotify
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16.11.2012 12:31:13 | Computer Name = figur-PC | Source = VMCService | ID = 0
Description = GetLoggedOnUser
Error - 16.11.2012 12:31:19 | Computer Name = figur-PC | Source = VMCService | ID = 0
Description = GetLoggedOnUser
Error - 16.11.2012 12:31:21 | Computer Name = figur-PC | Source = VMCService | ID = 0
Description = GetLoggedOnUser
Error - 29.11.2012 12:42:37 | Computer Name = figur-PC | Source = Application Hang | ID = 1002
Description = Programm Wow.exe, Version 5.1.0.16309 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 140 Startzeit:
01cdce38ba4415d4 Endzeit: 0 Anwendungspfad: E:\Spiele\World of Warcraft\Wow.exe Berichts-ID:
Error - 07.12.2012 08:26:12 | Computer Name = figur-PC | Source = Avira AntiVir | ID = 4118
Description = AUSNAHMEFEHLER beim Aufruf der Funktion <Scan> für die Datei C:\Program
Files\Windows Media Player\Network Sharing\wmpnss_color32.jpg. [ACCESS_VIOLATION
Exception!! EIP = 0x1e57462] Bitte Avira informieren und die obige Datei übersenden!
Error - 12.12.2012 20:14:07 | Computer Name = figur-PC | Source = Windows Search Service | ID = 3007
Description =
Error - 16.01.2013 08:10:24 | Computer Name = figur-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: inkscape.exe, Version: 0.48.4.0,
Zeitstempel: 0x50cf79ae Name des fehlerhaften Moduls: inkscape.exe, Version: 0.48.4.0,
Zeitstempel: 0x50cf79ae Ausnahmecode: 0xc0000005 Fehleroffset: 0x00796b3a ID des fehlerhaften
Prozesses: 0x1048 Startzeit der fehlerhaften Anwendung: 0x01cdf3e1279e46ea Pfad der
fehlerhaften Anwendung: E:\Program Files\Inkscape\inkscape.exe Pfad des fehlerhaften
Moduls: E:\Program Files\Inkscape\inkscape.exe Berichtskennung: b432eed6-5fd5-11e2-8f0e-1c6f658620a9
Error - 30.01.2013 05:25:41 | Computer Name = figur-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16457 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: e94 Startzeit: 01cdfecbaf241a15 Endzeit: 40 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID:
Error - 10.02.2013 09:33:34 | Computer Name = figur-PC | Source = VMCService | ID = 0
Description = GetLoggedOnUser
Error - 18.02.2013 13:34:31 | Computer Name = figur-PC | Source = VMCService | ID = 0
Description = GetLoggedOnUser
[ Media Center Events ]
Error - 04.09.2011 06:23:26 | Computer Name = figur-PC | Source = MCUpdate | ID = 0
Description = 12:23:26 - Fehler beim Herstellen der Internetverbindung. 12:23:26
- Serververbindung konnte nicht hergestellt werden..
Error - 04.09.2011 06:23:38 | Computer Name = figur-PC | Source = MCUpdate | ID = 0
Description = 12:23:32 - Fehler beim Herstellen der Internetverbindung. 12:23:32
- Serververbindung konnte nicht hergestellt werden..
Error - 05.09.2011 09:52:57 | Computer Name = figur-PC | Source = MCUpdate | ID = 0
Description = 15:52:57 - Fehler beim Herstellen der Internetverbindung. 15:52:57
- Serververbindung konnte nicht hergestellt werden..
Error - 05.09.2011 09:53:07 | Computer Name = figur-PC | Source = MCUpdate | ID = 0
Description = 15:53:02 - Fehler beim Herstellen der Internetverbindung. 15:53:02
- Serververbindung konnte nicht hergestellt werden..
Error - 06.09.2011 02:18:58 | Computer Name = figur-PC | Source = MCUpdate | ID = 0
Description = 08:18:58 - Fehler beim Herstellen der Internetverbindung. 08:18:58
- Serververbindung konnte nicht hergestellt werden..
Error - 06.09.2011 02:19:08 | Computer Name = figur-PC | Source = MCUpdate | ID = 0
Description = 08:19:03 - Fehler beim Herstellen der Internetverbindung. 08:19:03
- Serververbindung konnte nicht hergestellt werden..
Error - 06.09.2011 12:57:15 | Computer Name = figur-PC | Source = MCUpdate | ID = 0
Description = 18:57:15 - Fehler beim Herstellen der Internetverbindung. 18:57:15
- Serververbindung konnte nicht hergestellt werden..
Error - 06.09.2011 12:57:25 | Computer Name = figur-PC | Source = MCUpdate | ID = 0
Description = 18:57:20 - Fehler beim Herstellen der Internetverbindung. 18:57:20
- Serververbindung konnte nicht hergestellt werden..
Error - 07.09.2011 06:45:19 | Computer Name = figur-PC | Source = MCUpdate | ID = 0
Description = 12:45:19 - Fehler beim Herstellen der Internetverbindung. 12:45:19
- Serververbindung konnte nicht hergestellt werden..
Error - 07.09.2011 06:45:36 | Computer Name = figur-PC | Source = MCUpdate | ID = 0
Description = 12:45:25 - Fehler beim Herstellen der Internetverbindung. 12:45:25
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 13.05.2013 07:41:35 | Computer Name = figur-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DNS-Client" ist vom Dienst "NetIO-Legacy-TDI-Supporttreiber"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 13.05.2013 07:41:35 | Computer Name = figur-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" ist vom Dienst "Ancillary
Function Driver for Winsock" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%31
Error - 13.05.2013 07:41:35 | Computer Name = figur-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerkspeicher-Schnittstellendienst" ist vom Dienst
"NSI proxy service driver." abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%31
Error - 13.05.2013 07:41:36 | Computer Name = figur-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Arbeitsstationsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.05.2013 07:41:36 | Computer Name = figur-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IP-Hilfsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.05.2013 07:41:36 | Computer Name = figur-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB-Miniredirector-Wrapper und -Modul" ist vom Dienst
"Umgeleitetes Puffersubsystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%31
Error - 13.05.2013 07:41:36 | Computer Name = figur-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.05.2013 07:41:36 | Computer Name = figur-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.05.2013 07:41:36 | Computer Name = figur-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.05.2013 07:41:36 | Computer Name = figur-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD AppleCharger avipbb CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr sptd ssmdrv
tcpipBM
tdx
vwififlt
Wanarpv6
WfpLwf
ws2ifsl
< End of report >
|
| Themen zu Weißer-Bildschirm mit Zahlungsaufforderung, Abgesicherter Modus fährt sofort runter |
| 7-zip, antivir, avira, battle.net, bho, black, browser, converter, desktop, error, excel, firefox, flash player, frage, google, grand theft auto, helper, iexplore.exe, install.exe, ip-hilfsdienst, logfile, modus, mp3, object, plug-in, programm, realtek, registry, scan, software, spotify web helper, svchost.exe, taskhost.exe, teamspeak, trojaner, weißer bildschirm, windows |
Baum-Darstellung