| |
| |||||||
Log-Analyse und Auswertung: WinVista: Neuer Tab öffnet sich von alleine bei MFF (http://7.rotator.wigetmedia.com/...)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
09.09.2013, 17:27
| #1 |
 |  WinVista: Neuer Tab öffnet sich von alleine bei MFF (http://7.rotator.wigetmedia.com/...) Seid kurzem öffnet sich ein neuer Tab von alleine, wenn ich meine Startseite (www.t-online.de) aufrufe. Dieser Tab kommt nach einiger Zeit aber erst. Die Seite wird von NoScript soweit blockiert, daß die Seite weiß bleibt und kein Inhalt angezeigt wird. Habe Malwarebytes durchlaufen lassen und entsprechende Funde gestern gelöscht. Ein erneuter Scan ergab keine Funde mehr. Nachdem ich heute den PC gestartet habe und die Startseite öffnete, kann nach einigen Minuten aber wieder der neue Tab mit dieser ominösen Adresse. Bekomme aber keinerlei Meldungen. (Norton, ect.) Habe bereits im Board auch gesucht und mir OTL herunter geladen und nach Anleitung ausgeführt. Die beiden Dateien sind im Anhang. Wenn zur Analyse bzw. Behebung des Problems weitere Infos benötigt werden, bin ich selbstverständlich bereit diese so gut wie möglich zu geben. Hier die Logfile von OTL-Editor: Code:
ATTFilter OTL logfile created on: 09.09.2013 17:29:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jason\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,75 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 50,11% Memory free 5,71 Gb Paging File | 4,14 Gb Available in Paging File | 72,65% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 95,34 Gb Total Space | 24,26 Gb Free Space | 25,45% Space Free | Partition Type: NTFS Drive D: | 3,91 Gb Total Space | 0,45 Gb Free Space | 11,60% Space Free | Partition Type: NTFS Drive F: | 19,53 Gb Total Space | 3,79 Gb Free Space | 19,43% Space Free | Partition Type: NTFS Drive G: | 14,65 Gb Total Space | 6,10 Gb Free Space | 41,62% Space Free | Partition Type: NTFS Drive H: | 8,79 Gb Total Space | 4,77 Gb Free Space | 54,29% Space Free | Partition Type: NTFS Drive M: | 698,64 Gb Total Space | 592,33 Gb Free Space | 84,78% Space Free | Partition Type: NTFS Computer Name: JASONS-PC | User Name: Jason | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.09.09 17:25:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe PRC - [2013.09.08 14:48:26 | 003,045,688 | ---- | M] (Emsi Software GmbH) -- C:\Programme\a-squared Anti-Malware\a2service.exe PRC - [2013.07.15 09:20:08 | 003,019,752 | ---- | M] () -- C:\Programme\GfK Internet-Monitor\GfK-Reporting.exe PRC - [2013.07.15 09:20:06 | 001,376,232 | ---- | M] () -- C:\Programme\GfK Internet-Monitor\GfK-Updater.exe PRC - [2013.07.15 09:09:47 | 003,300,328 | ---- | M] (GfK) -- C:\Programme\GfKLSPService\GfKLspService.exe PRC - [2013.07.15 09:09:44 | 000,058,856 | ---- | M] () -- C:\Programme\GfKLSPService\GfK-WatchDog.exe PRC - [2013.07.02 11:19:30 | 000,248,208 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2013.07.02 11:19:30 | 000,093,072 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe PRC - [2013.06.30 10:57:08 | 008,518,656 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe PRC - [2013.06.27 10:02:13 | 000,128,000 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe PRC - [2013.05.21 06:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.01.31 11:01:06 | 000,865,056 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012.12.31 18:38:24 | 000,542,344 | ---- | M] (Soluto) -- C:\Programme\Soluto\SolutoService.exe PRC - [2012.12.31 18:38:24 | 000,167,048 | ---- | M] (Soluto) -- C:\Programme\Soluto\SolutoLauncherService.exe PRC - [2012.12.31 18:38:22 | 001,229,448 | ---- | M] (Soluto) -- c:\Programme\Soluto\Soluto.exe PRC - [2012.03.19 12:23:46 | 000,380,416 | ---- | M] () -- C:\Programme\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2010.03.03 20:39:40 | 002,598,760 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProTray.exe PRC - [2010.03.03 20:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProSvc.exe PRC - [2010.02.11 03:34:14 | 001,964,528 | ---- | M] (Symantec) -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe PRC - [2009.04.11 15:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.04.11 15:18:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2007.09.26 10:53:56 | 002,999,664 | ---- | M] (Symantec Corporation) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE PRC - [2002.10.10 14:10:00 | 001,484,800 | ---- | M] (Steganos GmbH) -- C:\Programme\Steganos Mail CleanUp\smc.exe ========== Modules (No Company Name) ========== MOD - [2013.08.14 18:43:55 | 000,881,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d90e4a61ea36fd3825b96c804e485b5f\System.DirectoryServices.AccountManagement.ni.dll MOD - [2013.08.14 18:43:54 | 000,656,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\fa8e4197074aee3eef3d509646d1fee6\PCGPostBootResources.ni.dll MOD - [2013.08.14 18:43:54 | 000,052,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\e5658a6a0fbeb9a608638bfe64dc1a46\PCGHIDProbe.ni.dll MOD - [2013.08.14 18:43:53 | 000,039,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\f44150e06210d53e7b2ef741c9a978a7\PCGRSPProbe.ni.dll MOD - [2013.08.14 18:43:48 | 002,327,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\6c07f76ab73ce7b4dc02ccfec040ddc3\Community.CsharpSqlite.ni.dll MOD - [2013.08.14 18:43:46 | 000,055,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\d2b4cb089742f60f78b88a45657a2b23\PCGUsersCenter.ni.dll MOD - [2013.08.14 18:43:45 | 000,156,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\a1b58be83192ab18cbb59b63b454a348\PCGAppControlPluginLoader.ni.dll MOD - [2013.08.14 18:43:44 | 003,521,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\f28b94880d32b7d0f9dc09afb39b8578\PCGClientCommon.ni.dll MOD - [2013.08.14 18:43:39 | 000,157,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\b61347bbabfd37eb45d7b21023fead90\PCGBootVisualizingCommon.ni.dll MOD - [2013.08.14 18:43:38 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\8baeee3d3c3bdf77b52d17c88f09273b\PCGDriverProbe.ni.dll MOD - [2013.08.14 18:43:07 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\9b13c63ea8b113da4167c0beb4ba47db\PCGConfiguration.ni.dll MOD - [2013.08.14 18:43:05 | 002,617,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDatabase\648f9ebb649bf3c031a90f015d57fef6\PCGDatabase.ni.dll MOD - [2013.08.14 18:43:00 | 001,531,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\ea508eaf2b344d50506800952a056c9b\PCGAzureShared.ni.dll MOD - [2013.08.14 18:43:00 | 000,048,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\aa237c20e5b6400aa04f2aef8f1772d8\PCGAzureEntityFramework.ni.dll MOD - [2013.08.14 18:42:58 | 001,195,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGCommunication\38dd98ea8409ba85e407d8071d7ab196\PCGCommunication.ni.dll MOD - [2013.08.14 18:42:55 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\81bc1b6d3841abd28046fe6c85aace2d\PCGPreCompiled.ni.dll MOD - [2013.08.14 18:42:45 | 000,596,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\36bdd5973166173b1547256acbedb674\Ionic.Zip.Reduced.ni.dll MOD - [2013.08.14 18:42:45 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\d1e6c32b171bcd4592c7bd48917b80b0\PCGPrestoSerializer.ni.dll MOD - [2013.08.14 18:42:43 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll MOD - [2013.08.14 18:42:38 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll MOD - [2013.08.14 18:42:26 | 001,116,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ae531e6e51247607c26263c079d36a1f\System.DirectoryServices.ni.dll MOD - [2013.08.14 18:42:23 | 002,128,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\73eac3ed5aa67cf361f5215b3f5225eb\Newtonsoft.Json.Net35.ni.dll MOD - [2013.08.14 18:42:14 | 002,721,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGFramework\4356f5e3d4f901320896c44fb51c557f\PCGFramework.ni.dll MOD - [2013.08.14 18:42:07 | 001,622,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Soluto\ced8d11b78585cfb23b1029ae724e6cf\Soluto.ni.exe MOD - [2013.08.14 18:41:59 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b8e424ef545f262fd6cb9f35b97fc8b9\System.Configuration.ni.dll MOD - [2013.08.14 18:31:34 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll MOD - [2013.08.14 18:31:14 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f575e4c534a93294c72fea670ca73492\System.Windows.Forms.ni.dll MOD - [2013.08.14 18:31:02 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll MOD - [2013.08.14 18:30:50 | 002,518,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\7cd02a9717d729922877b5abc2d1ef6d\System.Data.Linq.ni.dll MOD - [2013.08.14 18:30:38 | 002,295,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\cfc7b22d4a9add9030b771860f86abba\System.Core.ni.dll MOD - [2013.08.14 18:29:38 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll MOD - [2013.07.15 09:09:44 | 000,058,856 | ---- | M] () -- C:\Programme\GfKLSPService\GfK-WatchDog.exe MOD - [2013.07.11 16:49:48 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\fe73c0ce3b7f9f61db4b2f8453521a2d\PCGWuInfo.ni.dll MOD - [2013.07.11 16:49:48 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\449c932b29b1df04449197f0693226a0\Interop.IWshRuntimeLibrary.ni.dll MOD - [2013.07.11 16:43:39 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll MOD - [2012.12.31 18:28:40 | 000,077,880 | ---- | M] () -- c:\Programme\Soluto\PCGDllExportInspector.dll MOD - [2012.07.22 10:19:32 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_de_b77a5c561934e089\System.Core.resources.dll MOD - [2012.05.30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Programme\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll MOD - [2012.03.19 12:23:46 | 000,380,416 | ---- | M] () -- C:\Programme\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe MOD - [2012.03.18 12:10:52 | 008,499,712 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\QtGui4.dll MOD - [2012.03.18 12:07:57 | 002,347,520 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\QtCore4.dll MOD - [2012.03.18 12:07:57 | 000,200,704 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\imageformats\qjpeg4.dll MOD - [2012.03.18 12:07:55 | 000,863,744 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\QtNetwork4.dll MOD - [2012.03.18 12:07:54 | 000,026,624 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\imageformats\qgif4.dll MOD - [2012.01.15 17:50:08 | 000,370,688 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\libsndfile.dll MOD - [2012.01.15 17:50:00 | 000,390,656 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus! for Skype\lame_enc.dll MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2009.04.11 18:48:39 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2009.04.11 18:48:18 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ========== Services (SafeList) ========== SRV - [2013.09.08 14:48:26 | 003,045,688 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Programme\a-squared Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2013.08.17 11:20:44 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.07.23 16:14:01 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.07.15 09:20:08 | 003,019,752 | ---- | M] () [Auto | Running] -- C:\Programme\GfK Internet-Monitor\GfK-Reporting.exe -- (GfK-Reporting-Service) SRV - [2013.07.15 09:20:06 | 001,376,232 | ---- | M] () [Auto | Running] -- C:\Programme\GfK Internet-Monitor\GfK-Updater.exe -- (GfK-Update-Service) SRV - [2013.07.15 09:09:47 | 003,300,328 | ---- | M] (GfK) [Auto | Running] -- C:\Programme\GfKLSPService\GfKLspService.exe -- (GfKLSPService) SRV - [2013.07.02 11:19:30 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2013.06.27 10:02:13 | 000,128,000 | ---- | M] (Yuna Software) [Auto | Running] -- C:\Programme\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe -- (MsgPlusService) SRV - [2013.06.21 10:57:12 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.05.21 06:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.04.18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2013.01.03 13:42:57 | 001,259,448 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.12.31 18:38:24 | 000,542,344 | ---- | M] (Soluto) [Auto | Running] -- C:\Programme\Soluto\SolutoService.exe -- (SolutoService) SRV - [2012.12.31 18:38:24 | 000,167,048 | ---- | M] (Soluto) [Auto | Running] -- C:\Programme\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService) SRV - [2012.12.31 18:28:40 | 001,239,552 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\Programme\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService) SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011.06.17 09:33:46 | 000,295,192 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011.06.13 23:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Fix it Center\Matsvc.exe -- (MatSvc) SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.03.03 20:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Programme\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost) SRV - [2010.02.12 08:09:06 | 001,574,408 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service) SRV - [2010.02.11 03:34:14 | 001,964,528 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe -- (SymSnapService) SRV - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2008.01.29 16:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist) SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.10.25 16:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Installer\WLSetupSvc.exe -- (WLSetupSvc) SRV - [2007.09.26 10:53:56 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate) SRV - [2007.09.26 10:53:56 | 000,554,352 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler) SRV - [2006.11.02 14:36:18 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip) SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys -- (cpuz136) DRV - [2013.09.08 14:48:27 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Programme\a-squared Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2013.09.01 17:53:41 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130831.007\NAVEX15.SYS -- (NAVEX15) DRV - [2013.09.01 17:53:41 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130831.007\NAVENG.SYS -- (NAVENG) DRV - [2013.09.01 17:53:40 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2013.09.01 17:53:40 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2013.08.25 17:55:13 | 000,392,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130830.001\IDSvix86.sys -- (IDSVix86) DRV - [2013.06.19 17:06:51 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2013.05.31 18:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2013.05.23 07:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symefa.sys -- (SymEFA) DRV - [2013.05.21 07:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symds.sys -- (SymDS) DRV - [2013.05.16 07:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\srtsp.sys -- (SRTSP) DRV - [2013.04.25 02:43:56 | 000,352,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symtdiv.sys -- (SYMTDIv) DRV - [2013.04.16 04:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\ccsetx86.sys -- (ccSet_NIS) DRV - [2013.03.05 04:14:18 | 000,036,512 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM) DRV - [2013.03.05 03:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\ironx86.sys -- (SymIRON) DRV - [2013.03.05 03:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\srtspx.sys -- (SRTSPX) DRV - [2013.02.19 22:32:54 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2013.01.23 10:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2013.01.23 10:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2013.01.23 10:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2013.01.23 10:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2012.12.31 18:28:24 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Soluto.sys -- (Soluto) DRV - [2012.10.28 13:20:40 | 000,063,616 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmUStor.sys -- (AmUStor) DRV - [2012.10.17 14:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012.06.18 13:58:52 | 000,016,000 | ---- | M] (SysNucleus) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\udsstub.sys -- (udsstub) DRV - [2012.05.19 04:02:38 | 000,236,392 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32) DRV - [2012.01.27 15:44:34 | 000,050,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcdriver.sys -- (hcdriver) DRV - [2011.09.02 08:31:28 | 000,081,304 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2011.09.02 08:30:58 | 000,065,048 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L8042mou.Sys -- (L8042mou) DRV - [2011.09.02 08:30:58 | 000,022,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2011.08.15 23:34:56 | 000,108,544 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\MxEFUF32.sys -- (MxEFUF) DRV - [2010.08.12 13:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET) DRV - [2010.03.03 20:59:22 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2010.02.12 08:10:12 | 000,057,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GenericMount.sys -- (GenericMount) DRV - [2010.02.11 03:34:46 | 000,138,592 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\System32\drivers\symsnap.sys -- (symsnap) DRV - [2009.09.21 21:40:14 | 000,015,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vproeventmonitor.sys -- (VProEventMonitor) DRV - [2009.07.29 17:21:35 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2009.07.29 17:21:35 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2007.12.24 17:06:56 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mgmt.sys -- (k750mgmt) DRV - [2007.12.24 17:06:56 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750obex.sys -- (k750obex) DRV - [2007.04.23 16:54:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\s115mgmt.sys -- (s115mgmt) DRV - [2007.04.23 16:54:50 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\s115obex.sys -- (s115obex) DRV - [2007.04.23 16:54:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\s115mdm.sys -- (s115mdm) DRV - [2007.04.23 16:54:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\s115mdfl.sys -- (s115mdfl) DRV - [2007.04.23 16:54:46 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\s115bus.sys -- (s115bus) DRV - [2005.02.11 12:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://www.bing.com/search?q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7403}: "URL" = hxxp://www.searchqu.com/web?src=ieb&systemid=403&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms} IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms} IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 BB B5 1E 80 0F CE 01 [binary data] IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.bing.com/search?q={searchTerms} IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.bing.com/search?q={searchTerms} IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://www.bing.com/search?q={searchTerms} IE - HKU\S-1-5-21-443034713-400772608-3178615674-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.order.3: "Bing " FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/" FF - prefs.js..extension.gacela.network.proxy.autoconfig_url: "" FF - prefs.js..extension.gacela.network.proxy.type: 5 FF - prefs.js..extensions.enabledAddons: DeviceDetection%40logitech.com:1.24.0.9 FF - prefs.js..extensions.enabledAddons: finder%40meingutscheincode.de:3.0.3 FF - prefs.js..extensions.enabledAddons: %7Bef4e370e-d9f0-4e00-b93e-a4f274cfdd5a%7D:1.4.9 FF - prefs.js..extensions.enabledAddons: fabtab%40captaincaveman.nl:1.5.2 FF - prefs.js..extensions.enabledAddons: fb_add_on%40avm.de:1.7.0 FF - prefs.js..extensions.enabledAddons: %7Bab91efd4-6975-4081-8552-1b3922ed79e2%7D:1.0.24.1 FF - prefs.js..extensions.enabledAddons: toolbar-ff%40payback.de:1.1.9.99 FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.3.4 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.7.1 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21 FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.12 FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.0.380%20-%201 FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.4.2.2 FF - prefs.js..extensions.enabledAddons: gacela2%40nurago.com:12.8.325 FF - prefs.js..extensions.enabledAddons: %7B080955ad-b8bb-4500-806f-d2b9ad73d72e%7D:2.0.19 FF - prefs.js..extensions.enabledItems: {fd795510-ca0d-42fa-a52c-29073bfdd019}:1.0 FF - prefs.js..extensions.enabledItems: fabtab@captaincaveman.nl:1.3.5 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.2b FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3 FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.21.0.11 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: gacela2@nurago.com:11.1.3012 FF - prefs.js..extensions.enabledItems: {080955ad-b8bb-4500-806f-d2b9ad73d72e}:1.8.71 FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=" FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 4001 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 4001 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 4001 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 4001 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 4001 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Adobe\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=12: C:\Program Files\Google\Google Updater\2.2.1273.1045\npCIDetect12.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105: File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: File not found FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: File not found FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Adobe\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Adobe\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gacela2@nurago.com: C:\Program Files\GfK Internet-Monitor File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ [2013.09.09 16:45:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\ [2012.09.23 11:20:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.08.17 11:20:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.08.17 11:20:36 | 000,000,000 | ---D | M] [2013.09.08 20:49:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Extensions [2011.06.23 17:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011.07.09 11:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com [2012.07.22 10:39:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions [2012.07.22 10:39:53 | 000,000,000 | ---D | M] (CS Lite) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{00084897-021a-4361-8423-083407a033e0} [2012.07.22 10:39:54 | 000,000,000 | ---D | M] ("Walnut2 for Firefox") -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{080955ad-b8bb-4500-806f-d2b9ad73d72e} [2012.07.22 10:39:54 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012.07.22 10:39:54 | 000,000,000 | ---D | M] (JonDoFox) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{437be45a-4114-11dd-b9ab-71d256d89593} [2012.07.22 10:39:54 | 000,000,000 | ---D | M] ("Walnut for Firefox") -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF} [2012.07.22 10:39:54 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2012.07.22 10:39:54 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2012.07.22 10:39:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.07.22 10:39:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012.07.22 10:39:55 | 000,000,000 | ---D | M] (ProfileSwitcher) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4} [2013.08.30 16:54:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions [2013.08.30 16:54:30 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2013.04.16 22:32:45 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013.08.28 18:01:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.07.26 18:16:29 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions\DeviceDetection@logitech.com [2013.04.13 11:27:11 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\kmvksw0r.default\extensions\fb_add_on@avm.de [2013.03.15 18:25:16 | 000,085,870 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\fabtab@captaincaveman.nl.xpi [2011.09.21 23:29:39 | 000,105,020 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\finder@meingutscheincode.de.xpi [2013.07.29 19:02:27 | 000,128,837 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\toolbar-ff@payback.de.xpi [2013.07.26 20:51:46 | 000,791,540 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\{080955ad-b8bb-4500-806f-d2b9ad73d72e}.xpi [2013.08.16 18:08:12 | 000,216,989 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2013.08.16 18:08:12 | 000,534,203 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013.07.31 16:27:11 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.02.19 19:15:32 | 000,685,671 | ---- | M] () (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi [2010.10.31 22:36:06 | 000,001,820 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\searchplugins\bing.xml [2013.02.10 16:55:18 | 000,006,350 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\searchplugins\Google.xml [2010.10.28 10:41:06 | 000,005,529 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\mozilla\firefox\profiles\kmvksw0r.default\searchplugins\SearchquWebSearch.xml [2013.08.17 11:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.08.17 11:20:44 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.09.09 17:11:40 | 000,000,000 | ---D | M] (GfK Internet-Monitor) -- C:\PROGRAM FILES\GFK INTERNET-MONITOR [2013.09.09 16:45:09 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\COFFPLGN [2012.09.23 11:20:01 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPLGN [2012.11.12 12:41:04 | 000,171,136 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2012.02.21 21:10:41 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2010.10.28 10:41:06 | 000,005,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml O1 HOSTS File: ([2008.05.19 06:21:44 | 000,000,936 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (GfK Internet-Monitor) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Programme\GfK Internet-Monitor\Gacela2.dll (GfK) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - Reg Error: Value error. File not found O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - Reg Error: Value error. File not found O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O4 - HKLM..\Run: [emsisoftantimalwaresetup] "C:\Users\Jason\AppData\Local\Temp\EmsisoftAntiMalwareSetup.exe" File not found O4 - HKLM..\Run: [GfK-WatchDog] C:\Program Files\GfKLSPService\GfK-WatchDog.exe () O4 - HKLM..\Run: [MessengerPlusForSkypeService] C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software) O4 - HKLM..\Run: [Norton Ghost 15.0] C:\Program Files\Norton Ghost\Agent\VProTray.exe (Symantec Corporation) O4 - HKLM..\Run: [Philips Device Listener] C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe () O4 - HKLM..\Run: [Steganos Mail CleanUp] C:\Programme\Steganos Mail CleanUp\smc.exe (Steganos GmbH) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-443034713-400772608-3178615674-1000..\Run: [] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 1 O7 - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1 O7 - HKU\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 1 O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Über GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Programme\GfK Internet-Monitor\Gacela2.dll (GfK) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.3.1/jinstall-1_3_1_18-windows-i586.cab (Java Plug-in 10.25.2) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.3.1/jinstall-1_3_1_18-windows-i586.cab (Java Plug-in 1.3.1_18) O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8709F6B5-991A-4601-B282-DB03719DDE64}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found O18 - Protocol\Handler\AutorunsDisabled\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\AutorunsDisabled\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\AutorunsDisabled - No CLSID value found O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (c:\program files\soluto\soluto.exe /userinit) - c:\program files\soluto\soluto.exe (Soluto) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - M:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.09.09 17:24:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe [2013.09.09 16:49:23 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{A5463E9A-1550-4D05-A01B-8FFBEAC446D2} [2013.09.08 22:14:22 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{2AE681DB-4104-401C-9784-0389B6B314DA} [2013.09.08 20:12:47 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.09.08 14:35:54 | 000,000,000 | ---D | C] -- C:\Program Files\a-squared Anti-Malware [2013.09.08 09:50:39 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{4768073C-8667-4A2B-AB61-60BBF59BF1B5} [2013.09.06 20:09:26 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{2AF0AACD-B9C7-4AFB-94A9-A9EEE7FF3C15} [2013.09.05 17:58:10 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{632A169A-F29C-4A73-86CF-3FB48FDCAB23} [2013.09.04 17:16:05 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{DDF9E339-6F36-4082-985F-6AAC1D3C40F3} [2013.09.04 16:25:42 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{EF511A59-0139-4303-BD31-1729083342DC} [2013.09.03 16:15:48 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{35B1EEB3-69A5-4ECF-A956-05AE2C502DEF} [2013.09.02 17:15:06 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{E9643870-C1CD-4159-8615-B4CFAA7706AE} [2013.09.01 06:52:36 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{56ADC089-93C1-4F78-9686-24FF7E3C89CD} [2013.08.31 12:49:44 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{FE5B15D5-756F-4B37-AF31-BEA346DB1DBD} [2013.08.30 16:52:07 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{9D088991-8B45-482A-ADCF-AD69751F522E} [2013.08.29 16:37:33 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{C9E876EC-5A22-46F1-A70F-1EF6F2651057} [2013.08.28 17:43:51 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{164EDBDF-CFDB-407E-97F8-334591DBE13A} [2013.08.27 16:25:30 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{0C26A062-86FE-416A-A112-AC3D2A5151EF} [2013.08.26 16:19:34 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{5F6C2172-54AB-4597-AF81-56B8F301850A} [2013.08.25 09:16:11 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{EC2B211A-C192-4BD6-A577-C5C9D9686828} [2013.08.24 08:18:35 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{B1232010-2295-459D-9A36-069D9F4F2C4A} [2013.08.23 19:47:46 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{47BDFB76-5866-4665-9E5F-AE95664103FB} [2013.08.22 18:36:08 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{F8B9F227-284C-49F9-A172-8E9F55064AE5} [2013.08.21 17:54:13 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{9A1D15BA-3CBC-4BF9-8B14-9234AB964499} [2013.08.20 17:35:02 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{5E3CEBF8-4C07-49B9-A271-9F345648F668} [2013.08.19 16:20:30 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{CB8B2F8E-AC18-4B09-84FB-5E4336B8FB8D} [2013.08.18 13:19:34 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{FA4D205C-34B6-4489-BB3A-7D442AD8A080} [2013.08.17 11:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.08.17 09:38:47 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{1E44B08C-677F-467F-93FE-78531D7685CE} [2013.08.16 17:28:55 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{C1E36A50-D7F3-4332-A1AB-394DA26F6A2A} [2013.08.15 16:16:25 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{666A392E-1D21-4F69-9F17-6BA49D92D789} [2013.08.14 17:46:08 | 000,000,000 | --SD | C] -- C:\Users\Jason\Documents\Eigene Datenquellen [2013.08.14 16:50:32 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{357D64AB-19E9-4F5C-94C2-FF6227F9A19F} [2013.08.13 17:16:56 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{A4AEA838-CEFF-4393-B8A3-603857DDC91F} [2013.08.12 16:19:17 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{DCCFC563-6D16-472B-BFB5-860CEA288386} [2013.08.11 20:46:44 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2013.08.11 12:41:49 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{29D2F977-56B7-4063-A6FB-C17A05E62C12} ========== Files - Modified Within 30 Days ========== [2013.09.09 17:25:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe [2013.09.09 16:41:12 | 000,006,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.09.09 16:41:12 | 000,006,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.09.09 16:41:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.09.08 20:12:48 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.09.01 17:51:03 | 000,628,668 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.09.01 17:51:03 | 000,596,036 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.09.01 17:51:03 | 000,126,474 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.09.01 17:51:03 | 000,104,110 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.08.11 20:46:45 | 000,001,069 | ---- | M] () -- C:\Users\Jason\Desktop\Revo Uninstaller.lnk ========== Files Created - No Company Name ========== [2013.09.08 20:12:48 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.08.14 16:53:43 | 000,001,940 | ---- | C] () -- C:\Users\Jason\Desktop\TomTom HOME 2.lnk [2013.01.31 21:07:48 | 000,164,371 | ---- | C] () -- C:\Windows\hpoins19.dat [2013.01.31 21:07:27 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat [2013.01.14 19:11:05 | 000,002,824 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate [2012.11.25 15:48:39 | 000,006,656 | ---- | C] () -- C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.11.19 22:53:36 | 000,809,491 | ---- | C] () -- C:\Windows\System32\avcodec-52.84.800.dll [2012.11.19 22:53:36 | 000,159,251 | ---- | C] () -- C:\Windows\System32\swscale-0.11.800.dll [2012.11.19 22:53:36 | 000,087,040 | ---- | C] () -- C:\Windows\System32\avformat-52.74.800.dll [2012.11.19 22:53:36 | 000,070,675 | ---- | C] () -- C:\Windows\System32\avutil-50.22.800.dll [2012.09.23 19:57:34 | 000,000,306 | RHS- | C] () -- C:\Users\Jason\ntuser.pol [2012.09.05 17:53:34 | 000,000,680 | ---- | C] () -- C:\Users\Jason\AppData\Local\d3d9caps.dat [2012.07.22 11:19:50 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2012.07.22 10:49:00 | 000,150,996 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012.06.20 18:15:42 | 000,159,251 | ---- | C] () -- C:\Windows\System32\swscale-0.11.0.dll [2012.06.20 18:15:42 | 000,085,504 | ---- | C] () -- C:\Windows\System32\avformat-52.68.0.dll [2012.06.20 18:15:42 | 000,070,163 | ---- | C] () -- C:\Windows\System32\avutil-50.19.0.dll [2012.06.20 18:15:41 | 000,798,739 | ---- | C] () -- C:\Windows\System32\avcodec-52.77.0.dll [2012.04.30 11:44:02 | 000,003,848 | ---- | C] () -- C:\Windows\System32\GfKLSPService.ini [2012.04.30 11:44:02 | 000,002,640 | ---- | C] () -- C:\Windows\System32\GacelaLSPServiceOff.ini [2012.03.10 18:28:26 | 000,000,026 | ---- | C] () -- C:\Windows\VideoPlayer.INI [2012.02.26 11:03:13 | 000,808,979 | ---- | C] () -- C:\Windows\System32\avcodec-52.84.0.dll [2012.02.26 11:03:13 | 000,323,584 | ---- | C] () -- C:\Windows\System32\Deinterlace.dll [2012.02.26 11:03:13 | 000,159,251 | ---- | C] () -- C:\Windows\System32\swscale-0.11.1.dll [2012.02.26 11:03:13 | 000,086,528 | ---- | C] () -- C:\Windows\System32\avformat-52.74.0.dll [2012.02.26 11:03:13 | 000,070,675 | ---- | C] () -- C:\Windows\System32\avutil-50.22.0.dll [2012.02.26 11:03:13 | 000,049,152 | ---- | C] () -- C:\Windows\System32\avcore-0.16.1.dll [2009.11.08 06:09:20 | 000,000,695 | -H-- | C] () -- C:\Users\Jason\AppData\Roaming\vispa.ini [2009.01.10 05:33:28 | 000,558,930 | ---- | C] () -- C:\Users\Jason\jap.conf [2008.12.27 23:26:43 | 000,000,066 | ---- | C] () -- C:\Program Files\Common Files\nuhsoftwareuninstall.url [2008.11.02 06:19:21 | 000,000,105 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\default.pls [2008.08.09 21:53:02 | 000,001,024 | ---- | C] () -- C:\Users\Jason\.rnd [2008.04.18 17:39:54 | 000,021,497 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\UserTile.png [2007.10.17 03:35:56 | 004,112,384 | ---- | C] () -- C:\Users\Jason\s-1-5-21-443034713-400772608-3178615674-1000.rrr ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 15:18:30 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 15:18:20 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.07.22 10:39:45 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\AD ON Multimedia [2012.07.22 10:39:47 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ASCOMP Software [2012.07.26 18:45:51 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Dropbox [2012.07.22 10:39:47 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\EmTec [2012.07.22 10:39:47 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\HD Tune Pro [2013.04.16 22:27:57 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Image Zone Express [2012.07.22 10:39:47 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\JonDo [2012.07.22 10:39:49 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Leadertech [2012.07.22 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Nokia [2012.07.22 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Nokia Ovi Suite [2012.07.22 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Nokia Suite [2012.07.22 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\PC Suite [2008.07.03 18:22:19 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\PeerNetworking [2012.07.22 10:39:59 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Philips [2012.07.22 10:39:59 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Philips-Songbird [2012.07.22 10:39:59 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Printer Info Cache [2012.07.22 10:39:59 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Registry Mechanic [2009.06.07 16:58:41 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Skinux [2013.05.17 17:49:10 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Soluto [2012.07.22 10:40:00 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Teleca [2012.07.22 10:40:00 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Thunderbird [2012.07.22 10:40:01 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Tific [2013.03.31 00:27:10 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\TomTom [2012.07.22 10:40:01 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Tracker Software [2012.07.22 10:40:01 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Windows Live Writer ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 09.09.2013 17:29:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jason\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,75 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 50,11% Memory free
5,71 Gb Paging File | 4,14 Gb Available in Paging File | 72,65% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 95,34 Gb Total Space | 24,26 Gb Free Space | 25,45% Space Free | Partition Type: NTFS
Drive D: | 3,91 Gb Total Space | 0,45 Gb Free Space | 11,60% Space Free | Partition Type: NTFS
Drive F: | 19,53 Gb Total Space | 3,79 Gb Free Space | 19,43% Space Free | Partition Type: NTFS
Drive G: | 14,65 Gb Total Space | 6,10 Gb Free Space | 41,62% Space Free | Partition Type: NTFS
Drive H: | 8,79 Gb Total Space | 4,77 Gb Free Space | 54,29% Space Free | Partition Type: NTFS
Drive M: | 698,64 Gb Total Space | 592,33 Gb Free Space | 84,78% Space Free | Partition Type: NTFS
Computer Name: JASONS-PC | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{997ED1BE-4C3C-4CB4-AAC8-901FA95269CF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D5B2CC4E-03E6-498D-911A-2F3868514292}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D90402A5-0471-4A06-9D69-24B1FB70A9A3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FACCEB3F-252B-42CA-8069-7503BA1BB7F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01DBF97B-D8C2-45C5-BF5B-52AF4FB001C1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0587D3F5-114E-400F-B226-B20686116C8E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{05A3DBDD-8135-450D-A095-F00497673B3C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{07AA31DB-EF6D-426A-8B58-6C8C23FADE87}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{099DD2CF-7CD2-4F23-B37E-758834654A1F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0AEC1A8B-3F0E-4397-A474-AF6319AEF571}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0D0DFDEF-29C4-4A12-A593-7AA5313C1233}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{10D8AB5D-6ECA-4C89-8DEB-05EB77F46A7C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1156991B-6D9E-47C8-B9F3-2AE0CCCAA9BC}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{16427F8F-B069-4E96-AB9D-2266EF787471}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{1B063951-51CE-497C-BED3-F4BF65B19635}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{1BF41E8E-30CA-4F58-A62A-0BEE3F8D4562}" = protocol=17 | dir=in | app=c:\users\jason\downloads\solutoinstaller.exe |
"{1F067085-5616-474F-B373-542636407717}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1F2183E2-E5C2-4070-9262-7C036336091D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{23247463-22CC-47A7-AAB6-0D06A08F6DBF}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{246BB364-2752-4F4D-9287-5AB56587B128}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{271DC402-1B4E-4E16-A3CD-65F6C720B073}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\temp\update_1f7e.exe |
"{2B020DDE-1280-4A14-802D-7EE3B412A54E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2BE72E88-FEB4-49FE-90C8-C3F9B714A2F7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2CAEB86A-862F-46BE-BDA4-AAA53CAFD7C0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{31933A0C-73EE-44F5-AD76-E01C15E311B7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3304C447-E83A-4DEE-9D53-909E14A8AC03}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{34C19A7D-5B67-40CA-84B7-53A1AD0593B5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3A355D68-809D-4DCA-AC52-33F7F3F2D63D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{43CB977A-40E5-4522-8F37-4758E357C2FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{446A215A-F0F4-497A-A22B-1B4C8EADA9BC}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{44AE3187-8255-487E-9073-3162ED0C7213}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\temp\update_1f7e.exe |
"{470C0A5E-1887-4FB7-9C3A-8356083C5A18}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{498C0924-157E-42EE-A1F4-B85C553EFCA3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4C02E324-EAED-450B-8191-FA3945F2831E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5155C6FD-86A5-40FE-A1F7-044E45446AF5}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\temp\7zs4090\hpdiagnosticcoreui.exe |
"{53A2DCFB-CDAD-4B34-83A2-C6A8702DF54D}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\temp\7zs3536\hpdiagnosticcoreui.exe |
"{57AB9ECD-76A2-4802-A80B-B4906EDBD5E0}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{587C83E0-CA9E-4CE6-931D-B9A21B7225ED}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5942A0E1-F816-4AA3-91EC-3F84F8AC2DA7}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5B19F699-E4A4-41F2-B369-5C8BBD69362B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{5F8F9EC2-DB93-4A2F-AAEF-511D5055D019}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6D761036-EAFE-413C-B096-3F0234E2A164}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6E2A35B1-63C4-4B52-BEB2-0DF23B79D037}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{72DA4170-4574-4779-BCDD-A57B654BA845}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{745897DB-B0B8-4170-B912-F1111FBF64F2}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{8124007F-F210-4901-B4A4-6827B99636E0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{82124BC8-DD71-4B36-ACD3-96A5CD8E006E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{83E1B52E-165A-4FB5-8C7D-4CFBD9F77A4E}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\temp\7zs8279.tmp\symnrt.exe |
"{8B156F3F-7EF4-4EC0-A1B2-6B0A50EC28F3}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8CBD8680-9BD3-4150-9629-48554CDD483D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8DC04F92-729A-43C2-BA9F-930440D790BF}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\temp\7zs5705.tmp\symnrt.exe |
"{8F39C948-D53E-4461-B68D-955051B73995}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8FDBDBE5-8FAC-453E-89A4-2BC7899181EC}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{901717ED-72D1-47B7-9FF1-9B176AE8297B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{91AD8529-B191-477B-8251-9CD329458FC1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{93256BEA-7A9B-458D-B427-E795072B3897}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{9402C0B6-FEA4-4D2E-9C99-17823B3692B9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{94A5882E-3A99-40E1-BDB7-CC2E2213380C}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{94DC1A3A-B357-447D-8C23-1C6289A52018}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{97DCB488-1CCB-4F25-8C08-C68C78313CB2}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{99BAD563-65CF-42CD-8AB4-2F2B66CE0E29}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A2C5B0EA-DD47-4E38-94F0-3DDDBEBE9901}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{A5FA43F9-69D7-48CD-9E54-43EF9C146ED4}" = protocol=6 | dir=in | app=c:\users\jason\appdata\roaming\dropbox\bin\dropbox.exe |
"{A756DF65-7A18-4D91-B5D6-F76B6CA93C2C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A7DCC2E2-F243-4FF5-A0DC-B49DEB0C6489}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AE4C1A99-EBDC-481C-B01E-B59A5D0F8509}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B22AF27A-BF9A-4FD4-8BA7-8204C48A85DA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B30D00E9-F0D9-4996-9F24-B807EA869F47}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B4E047DD-EAB1-4E8F-BB24-CB63D1F89848}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\temp\7zs5705.tmp\symnrt.exe |
"{B587A7A3-6116-48E5-8D06-B4B7FBE96936}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BCCF7D91-6475-455C-A32A-214ABFD3CD11}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BE2FCE45-CFF4-485D-A963-9AEE70852E6C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C48BE8D3-F09B-43A1-ACFA-9A6631A30CCD}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C6D7DDF0-578A-486F-B3BE-B989FFA77E7B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C798FCE0-0A95-414F-A41B-58411CF4D5F3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C8439CA3-19A2-4420-A779-D689AAA6121B}" = protocol=17 | dir=in | app=c:\users\jason\downloads\solutoinstaller-jy47gopi25.exe |
"{C85D5039-CAA9-4352-8F8F-E5CFD2D2B63A}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\temp\7zs4090\hpdiagnosticcoreui.exe |
"{CBA0A374-A005-4384-8A85-692686C24A32}" = protocol=17 | dir=in | app=c:\users\jason\appdata\roaming\dropbox\bin\dropbox.exe |
"{CC6848F4-3A90-440F-B5A4-57EE31B6965A}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{CCC4B3A1-8BF9-4CDB-8932-1F64AA46F88D}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\temp\7zs3536\hpdiagnosticcoreui.exe |
"{CE6CD336-1CDB-4B88-9913-01589CC56303}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CEC9CAB4-AF67-4FF4-A14A-8D9BC129FC14}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{CF764163-2377-4463-8F84-1D0466CBF29B}" = protocol=6 | dir=in | app=c:\users\jason\downloads\solutoinstaller-jy47gopi25.exe |
"{D2F80B6E-41D0-457B-A2E3-B64E9BC59225}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\temp\7zs8279.tmp\symnrt.exe |
"{D31DBA9A-4C38-4698-A753-B74CBEC13ECF}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D3A5DB8B-0502-4C97-AF7F-CC196A7D4C48}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{D52F7CB9-6E01-4E69-BB3D-2CF4E9E081E2}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{D974CAD4-70B0-435D-BCA9-9CB5FD0D3679}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DE9964D0-AA96-48D9-A257-FEE6D39CC9B8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E17B8103-B8EC-4125-89C9-B9175E683DD6}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E8213107-3D3A-4CA0-80E2-5BE74EA416EE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EC04DEC9-E870-4912-85A3-BAD14DD98364}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F0E54C5D-4F6F-4387-98AF-3A039666E456}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F331216E-43A7-482C-9D72-1D5F00AF50F4}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F3F5D08F-113D-4FD4-9B65-05FF2AC324E0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F40A3545-1C09-4AD8-A598-2C4CF748D0AD}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F4B9CDEC-1ED9-4B5A-9E24-0F4EBE6AEBFB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F7B825DC-D383-427D-A776-24336C618041}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F8CA3509-DE27-411C-AF8A-FCD4C0898A51}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F92C0F4A-725B-4459-A512-5E675EED5DC4}" = protocol=6 | dir=in | app=c:\users\jason\downloads\solutoinstaller.exe |
"{FAACEB9F-890F-4047-8E8A-AE85C1B4311B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FB3FB88A-802A-4BE4-AB82-D213BD241DB4}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FF67B586-4CA8-40FD-A6E2-A7906105B459}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FF753CF8-9937-4E2A-835C-0028B798FB6B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"TCP Query User{034C10EF-2766-4B8B-800C-D8897D91721E}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{0778932F-2E24-41A2-AF18-5E3ECA0345A6}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{0C2CF881-DB45-4F18-A1D7-FE847ED49279}C:\program files\windows live\contacts\wlcomm.exe" = protocol=6 | dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"TCP Query User{67999E21-6894-4F44-A843-3E036DC39198}C:\users\jason\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe |
"TCP Query User{7DB37AF3-42FB-430E-A7F9-6CC8855D563E}C:\program files\videoviewer\videoviewer.exe" = protocol=6 | dir=in | app=c:\program files\videoviewer\videoviewer.exe |
"TCP Query User{8090D974-C2A5-41ED-B817-ADB194757B2B}G:\programme\emule\emule0.50a\emule.exe" = protocol=6 | dir=in | app=g:\programme\emule\emule0.50a\emule.exe |
"TCP Query User{922BC696-7504-468B-A784-F0FB5FF65F8C}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{9D4DCED0-1786-402B-9293-F85462FE9CA1}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{C9F1C477-E7D0-4927-91FE-3A95AEB0D7B9}G:\programme\emule\emule0.49c\emule.exe" = protocol=6 | dir=in | app=g:\programme\emule\emule0.49c\emule.exe |
"TCP Query User{E91B4352-AEA9-4B54-A5F8-C432F9F1FCDD}G:\programme\emule\emule0.49c\emule.exe" = protocol=6 | dir=in | app=g:\programme\emule\emule0.49c\emule.exe |
"UDP Query User{2227EC30-B6CC-4691-8933-2BC3B4EBFCEA}C:\program files\windows live\contacts\wlcomm.exe" = protocol=17 | dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"UDP Query User{2796D7D7-E22B-4090-A9DB-9668CB915441}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{3B2A8B12-8BD2-4ABD-8497-17C5046F7C11}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{3C4AEDB6-C6F0-4200-A1B3-7CD5BA124984}C:\users\jason\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe |
"UDP Query User{46856D72-3EA3-457B-A759-2E0CBBD81CB6}G:\programme\emule\emule0.49c\emule.exe" = protocol=17 | dir=in | app=g:\programme\emule\emule0.49c\emule.exe |
"UDP Query User{8CCD6F3D-1DF1-4467-891C-F2916BFFC4CC}G:\programme\emule\emule0.49c\emule.exe" = protocol=17 | dir=in | app=g:\programme\emule\emule0.49c\emule.exe |
"UDP Query User{94F0AA9B-07D7-4147-B087-E282EEF1D922}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{9ECE6E30-CE75-4C79-9789-B511DE1462C0}G:\programme\emule\emule0.50a\emule.exe" = protocol=17 | dir=in | app=g:\programme\emule\emule0.50a\emule.exe |
"UDP Query User{A0CFBE1B-A1CC-4A1C-B1E7-CA22E00FFB58}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{EFA92DEC-9D32-4A16-A349-A64ECD4A5B1D}C:\program files\videoviewer\videoviewer.exe" = protocol=17 | dir=in | app=c:\program files\videoviewer\videoviewer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C808377-8C23-44ED-9016-05F42E6D4900}" = Nokia Suite
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15F02176-0D12-4FAF-B2CD-2767C7781427}" = Google SketchUp 8
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.24
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{68249B78-B714-11D7-88E8-0050DA21757E}" = Java 2 Runtime Environment Standard Edition 1.3.1_18
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{731318C8-FF6A-4D07-9615-B7D2A9D5052C}_is1" = Filerid3 Systemtuning
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{8121C79E-CAF0-478B-BE3B-1D88E8B30DB3}" = Steganos Mail CleanUp 5.1.10
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{879F7C80-BCA3-4A11-BDB1-658252ECD7E0}" = HP Product Detection
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{99072AB4-D795-44D5-9D65-E3C9F8322C97}" = TomTom HOME
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0255743-165B-4BD5-8DA8-37DFB9930015}" = Norton Ghost
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 307.74
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile-Gerätecenter: Treiberupdate
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1568757-E564-4cb5-8980-9333119A4384}" = F300
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9BC6655-79F8-4632-A343-E8F2CD70551A}" = Soluto
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"39992AD7-103F-4308-8BB7-3F65F543604D" = GfK Internet-Monitor
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Cat Licking Screen Cleaner Screensaver" = Cat Licking Screen Cleaner Screensaver
"ClearProg" = ClearProg 1.6.1 Beta 6
"FLIQLO" = FLIQLO Screen Saver
"Futaba VFD control program V2.3" = Futaba VFD control program V2.3
"Google Updater" = Google Updater
"HD Tune_is1" = HD Tune 2.55
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"Internet keyboard driver_is1" = Internet keyboard driver 2.0
"JonDoUninstall" = JonDo
"Licking Dog Screen Clean Screensaver" = Licking Dog Screen Clean Screensaver
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"MailBell" = MailBell
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Matrix Code Emulator_is1" = Matrix Code Emulator 1.50
"Messenger Plus! for Skype" = Messenger Plus! for Skype
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 23.0.1 (x86 de)" = Mozilla Firefox 23.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"Nokia Suite" = Nokia Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Philips Songbird" = Philips Songbird
"PolarClock3" = PolarClock3 Screen Saver
"Registry Mechanic_is1" = Registry Mechanic 7.0
"Revo Uninstaller" = Revo Uninstaller 1.95
"SP6" = Logitech SetPoint 6.32
"SystemRequirementsLab" = System Requirements Lab
"Video Viewer" = Video Viewer
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.9.4
"xp-AntiSpy" = xp-AntiSpy 3.98-2
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-443034713-400772608-3178615674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe ConnectNow Add-in" = Adobe ConnectNow Add-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 08.09.2013 16:36:16 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =
Error - 08.09.2013 16:40:11 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =
Error - 08.09.2013 16:55:34 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =
Error - 08.09.2013 16:59:26 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =
Error - 09.09.2013 10:47:34 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =
Error - 09.09.2013 11:00:18 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =
Error - 09.09.2013 11:11:43 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =
Error - 09.09.2013 11:23:45 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =
Error - 09.09.2013 11:27:58 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =
Error - 09.09.2013 11:32:20 | Computer Name = Jasons-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =
[ Media Center Events ]
Error - 17.04.2008 22:02:30 | Computer Name = Jason´s-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
gescheitert.
[ OSession Events ]
Error - 30.10.2011 15:24:28 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 06.11.2011 11:48:34 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.
Error - 06.11.2011 15:26:55 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 02.12.2011 16:11:22 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 22.12.2011 18:43:10 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 22.12.2011 18:43:15 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 27.12.2011 12:09:20 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 30.12.2011 18:47:52 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 02.01.2012 06:41:04 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 02.05.2012 16:02:49 | Computer Name = Jasons-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 09.09.2013 11:41:25 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 09.09.2013 11:41:35 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 09.09.2013 11:41:45 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 09.09.2013 11:41:55 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 09.09.2013 11:42:05 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 09.09.2013 11:42:15 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 09.09.2013 11:42:25 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 09.09.2013 11:42:25 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 09.09.2013 11:42:35 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 09.09.2013 11:42:35 | Computer Name = Jasons-PC | Source = Service Control Manager | ID = 7001
Description =
< End of report >
MfG. Geändert von JasonFF (09.09.2013 um 18:13 Uhr) |
| Themen zu WinVista: Neuer Tab öffnet sich von alleine bei MFF (http://7.rotator.wigetmedia.com/...) |
| 32 bit, adblock, adobe reader xi, analyse, angezeigt, anleitung, application/pdf:, askbar, benötigt, blockiert, board, dateien, funde, geladen, gestartet, gesuch, gesucht, helper.exe, heute, infos, inhalt, install.exe, malwarebytes, microsoft fix it, minute, minuten, neuer, norton, officejet, plug-in, scan, seite, sketchup, startseite, tab, tracker, öffnet |
Baum-Darstellung